#wreath-network

Ok @surreal sail, you will now be notified of future announcements.

hello I am trying to get this exploit to work on wreath task 6 I tried kali on the browser, attack the box, and my own kali I followed the instructions to the teeth the only thing left is that someone messed it up. could someone help press the reset button only two people left.

You are sure the machine is running? After a bit of inactivity it falls asleep. If so then my advice would be to either wait a while and see if it fixes itself/restart the network or do what I did when I had this issue and leave and then rejoin the room. This will place you on a different IP subnet attacking different machines and should fix the issue.

Help please, I can't perform the initial steps in task 17 "Git Server enumeration" I follow the steps of the platform instructions and it doesn't work for me, and the support video is not entirely clear in explaining how to do this.

Can not conncet lab

Have you downloaded the wreath VPN?

Yes

Hello, I can connect to the first machine by ssh. But I cant ping or connect to attack machine

if I ping from attack machine to prod-serv, it success

I use both of forward socks proxy and reverse socks proxy but still not working

Wrong IP. That's the AttackBox's normal IP address. Check your interfaces -- you should have a tun0 interface with a network IP attached to it.

Thank you. It work 😂

I think wreath may be down again. anyway we can get 3 people to vote for a reset?

please 🙂

it is nice though, lowering the requirements from 8 to 5.

nope never mind its not down

ips just changed 😄

They saw your traffic and switched it up as a defensive measure.

Hate to break it to you, but those will probably go back up. It's not a static number iirc -- it's 20% of the people in the network instance.

I can't seem to get the hash for the root user to be accepted on task 6.. anyone else have this problem or able to help?

Likely means some inconsiderate person has changed the password on the box

You were right.. accepted after the box was reset

Hi there

anyone experinecing this error when trying to download the connect files?

404- An error ocured

Uh-oh this page hgas been lost in the matrix

already tried to regenerate and wait 5min +

already logout and login again

nothing works, can't start :\

Leave the room and rejoin

will try that

@strange bison worked. thank you

Gave +1 Rep to @strange bison

!docs verify

my first network and port scan results are null

gotta wait for the last vote to reset the network

Nevermind - all set

yo anyone is in 10.200.73.200 ?

The network did reset but still no ports are open. Am I doing something wrong?

oh f :-;

mb, i have to select wreath

and regenerate vpn config

Whoever is left for 10.200.73.1/24 network please reset it

Anyone around who can help me with Chisel on task 34?

Trying to pivot into the .100 machine so that I can access it on port 80 from my kali machine but getting this error:

Evil-WinRM PS C:\Temp> ./chisel_x90mul.exe client 10.50.66.69:2222 R:80:10.200.73.100:80
chisel_x90mul.exe : 2022/06/24 11:47:46 client: Connecting to ws://10.50.66.69:2222
+ CategoryInfo : NotSpecified: (2022/06/24 11:4...0.50.66.69:2222:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
2022/06/24 11:48:07 client: Connection error: dial tcp 10.50.66.69:2222: connectex: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.2022/06/24 11:48:07 client: Retrying in 100ms..

I am listening on port 2222 on my kali machine.

!docs verify

Tried using plink too without any success

Cannot rejoin the wreath network, every time when i press join it just refreshes the page

any reason why setting up a python3 web server on the victim machine wouldn't work?

It says, its listening but i've got no luck accessing it

There's a firewall on the box...

Resolved using sshuttle

Any ideas why this isn't appearing locally when it says it has downloaded successfully?

Resolved using full source path

so for unknown reasons 😮 I was getting the error

Permission denied (publickey,gssapi-keyex,gssapi-with-mic)

Idk why it didn't work when I tried copy pasting 2-3 times and waited for a server reset

but just copying the test and echoing it out into a file worked. :-; weird.

Does anyone have some good resources for learning about proxychains, tunnelling etc.? The room explains it quite well but I'm new to the subject so still trying to wrap my head around it

Like the network side of things?

yea

or even just stuff to learn more about specifically proxychains, sshuttle, chisel etc.

So here's a playlist I used in passing the Network+ that has sections that discuss it pretty well. The hardware stuff is probably skippable, but the bits in IP and ports would give you a basic idea of how your connecting through. https://youtube.com/playlist?list=PLG49S3nxzAnlCJiCrOYuRYb6cne864a7G

Specifics on the tools is just searching for them on YouTube. Most of them have pretty thorough walkthroughs.

thanks man

gonna bookmark this and check it out

Happy to help

After upgrading kali linux, openvpn connect is not working I am getting following messages after every 5 secs

2022-06-25 18:13:45 OPTIONS IMPORT: peer-id set
2022-06-25 18:13:45 OPTIONS ERROR: failed to negotiate cipher with server.  Add the server's cipher ('AES-256-CBC') to --data-ciphers (currently 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305') if you want to connect to this server.
2022-06-25 18:13:45 ERROR: Failed to apply push options
2022-06-25 18:13:45 Failed to open tun/tap interface
2022-06-25 18:13:45 SIGUSR1[soft,process-push-msg-failed] received, process restarting
2022-06-25 18:13:45 Restart pause, 5 second(s)

Any idea how can I solve this

there's a fix for this pinned in #site-support

Hello guys, cannot rejoin the room. What is wrong?

Hi, can't ping the machine last few days, mine 10.200.105/24. Can you please Reset,

You sure you are connected properly? Of enough people are having issues then they can vote to reset it, but if you are the only one than it is probably something you are doing wrong nit the machine itself

Tnx, it was openvpn, had to rollback to 2.5.7

ah yeah, a lot of people have been having issues with that as of late

Has anyone managed to do task 17?

yes, wassup

Im having trouble getting Wreath connected to my VM. I downloaded the Wreath VPN config and have it running. Still not connected to the machine though

Can you send a screenshot of the website with your network, your VPN and ip config

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.2.95.138 netmask 255.255.128.0 destination 10.2.95.138
inet6 fe80::16e8:dcd4:ab67:df15 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 10 bytes 480 (480.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

What does it say after network on the right side in second picture?

network state: running

Looks like you are getting a wrong ip on your VM though

Do i need to change something manually

can you show the output of the VPN

like a screenshot of the terminal after you run the VPN command

(problem found in dms, having 7 vpns running at the same time)

Only 7?

yee, we are still figuring out why there's still routing problems, but now it only is 1 vpn

Is it BlasterZ?

yup

#wreath-network message

Looking at that pic, it doesn't look like they're in the room. unless it's an earlier s/shot.

Either that or it's a display thing.

it's probably a display thing, he gets the VPN and everything

That IP was the non-wreath VPN, assuming that's sorted now

It was, he had 7 vpns running

Hey everyone, Does anyone knows how to install powershell-empire in Parrot OS, I am unable to do it via apt and git repository of the package

After downloading the static namp binary, to what destination should this file be uploaded? since not even following the steps of the example can carry out this task.

to /tmp/nmap-<username>

still facing it?

Still a problem?

my chisel proxy isnt working anymore

it worked yesterday

then i stopped it

now i started it again

now its not working

tried different ports as well

;-;

executing the stager from empire gives me the following error:

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "<string>", line 16, in <module>
  File "/usr/lib64/python3.6/urllib/request.py", line 223, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib64/python3.6/urllib/request.py", line 526, in open
    response = self._open(req, data)
  File "/usr/lib64/python3.6/urllib/request.py", line 544, in _open
    '_open', req)
  File "/usr/lib64/python3.6/urllib/request.py", line 504, in _call_chain
    result = func(*args)
  File "/usr/lib64/python3.6/urllib/request.py", line 1346, in http_open
    return self.do_open(http.client.HTTPConnection, req)
  File "/usr/lib64/python3.6/urllib/request.py", line 1320, in do_open
    raise URLError(err)
urllib.error.URLError: <urlopen error [Errno 111] Connection refused>

tried executing it ;-; on my local machine but with no success

uff it coulld be because of unexposed ports on dockewr

Are you... trying to connect back to a... dockerised... version of Empire...?

Because, uh, yeah, you kinda need the listener port to be open on the host...

yea I was , I just ended up installing locally as i didn't knew how many ports I would need to expose. as we cannot expose ports on running container and need to restart. just felt ;-;it too time consuming.

can i get 2 more people to help reset the wreath network

Did you get your reset?

yeah. just got back home. looks like its working online again

working on task 6, trying to copy the ssh key over, but i'm not seeing the private key, just the public one. Am I missing something? it looks like someon is making a bunch of new keys in the .ssh folder as well -.-

i got it working, i had to use chattr -i authorized_keys to allow editing and then appended a new public key to the end of the file and was able to use that key to login. i hope that's okay to edit that, i don't want to mess with the files, and screw up something for other users

why do i get errors while using the empire stager. i copy the code as it appears and make it a .sh on the machine but i i get an error. but when i copy the stager from starkiller it works fine

i make the file the same way using the copy clipboard from starkiller on the victim machine and it works fine.

i get this error

it looks like it has something to do with the way its being copied from my shell versus the way its being copied from starkiller

it looks like its a tmux issue :/

once i opened a new cmd window and executed the stager from there and copied the code and executed it just fine

is it just me or is the windows client incredibly slow?

you mean the git-server? I just changed the exploit code to make the web-shell a little more convenient part, but i haven't noticed anything super slow. seems to be working okay

Hmm thanks, if im still awake in like half an hour i'll get back to it

Earlier was really really slow, like i would type a command into the terminal, and i can go out, buy some food, find my one true love, get married, have a son and daughter, and retire in a peaceful life by the seaside before the terminal sends me the info i requested

lol

no, it seems to be working better now then

okay, i take that back, it's hanging hard right now

HAHAHAH

-.-

https://tenor.com/view/ahh-curses-skeletor-angry-he-man-gif-15367692

You jinxed it my man

man, it's hard to keep track of all the relays, web-shells, reverse shells, ssh sessions, etc

It's like the movie Inception.

seriously, im afraid to stop until i get to a 'shortcut' back of sorts. Just got evil-winrm up. Can breathe a bit easier now

ok it goes zoom zoom now

super late, but your "gibberish" comments helped me sort through my issues with chisel as well. That was huge. Thanks buddy

Gave +1 Rep to @cedar rock

Actually those are just warnings and not really errors. It is just telling you that you have powershell bypasses being used on a python stager. The strip comments warning is going to be moved to a debug mode in 5.0

nah. it wouldn't let me connect at all when i copied from tmux. tmux output of copy and paste is different than a normal terminal window. Once I opened a normal terminal window and got the same stager code it worked fine.

starkiller worked fine to all the time.

Hello, I’m having trouble with the Webmin RCE script connecting to the target

Pinged the machine and it’s showing connection.

Is the correct port open?

looking at wreath im stoked to get started on it. how much do you hate yourself/love it after you finish?

wreath was a great room

some trial and error but you'll get the hang of it

and learn a lot