Active
An easy WIndows box from HackTheBox, find creds intside of an smb share and use those to kerberoast the administrators credentials, crack them with hashcat and get root.
Forest
An easy box from HackTheBox, entirely AD - first get a user hash by AS-REP roasting and crack it for initial access with evil-winrm, then scrape AD information and use bloodhound to find a path to domain admin via group misconfigurations.
Forest
An easy box from HackTheBox, entirely AD - first get a user hash by AS-REP roasting and crack it for initial access with evil-winrm, then scrape AD information and use bloodhound to find a path to domain admin via group misconfigurations.
Forest
An easy box from HackTheBox, entirely AD - first get a user hash by AS-REP roasting and crack it for initial access with evil-winrm, then scrape AD information and use bloodhound to find a path to domain admin via group misconfigurations.
Attacktive Directory
A medium Windows box from TryHackMe, a focus on Active Directory, using various Impacket scripts to AS-REP roast for initial access and pass the hash to get Admin.