Solidstate
An easy Linux box from HackTheBox, use an RCE combined with POP3 email compromise to get initial access, and exploit a misconfigured cron python script running as root to escalate privileges.
Intelligence
A medium Windows box from HackTheBox, enumerate users by scraping pdf data off of a web site, and use a password spray attack to get SMB access, through that get another user’s NTLM hash by abusing a custom script and finally abuse ReadGMSAPassword privileges to craft a TGT as administrator and get root.
Intelligence
A medium Windows box from HackTheBox, enumerate users by scraping pdf data off of a web site, and use a password spray attack to get SMB access, through that get another user’s NTLM hash by abusing a custom script and finally abuse ReadGMSAPassword privileges to craft a TGT as administrator and get root.
Intelligence
A medium Windows box from HackTheBox, enumerate users by scraping pdf data off of a web site, and use a password spray attack to get SMB access, through that get another user’s NTLM hash by abusing a custom script and finally abuse ReadGMSAPassword privileges to craft a TGT as administrator and get root.
Active
An easy WIndows box from HackTheBox, find creds intside of an smb share and use those to kerberoast the administrators credentials, crack them with hashcat and get root.