Active
An easy WIndows box from HackTheBox, find creds intside of an smb share and use those to kerberoast the administrators credentials, crack them with hashcat and get root.
Forest
An easy box from HackTheBox, entirely AD - first get a user hash by AS-REP roasting and crack it for initial access with evil-winrm, then scrape AD information and use bloodhound to find a path to domain admin via group misconfigurations.
Forest
An easy box from HackTheBox, entirely AD - first get a user hash by AS-REP roasting and crack it for initial access with evil-winrm, then scrape AD information and use bloodhound to find a path to domain admin via group misconfigurations.
Forest
An easy box from HackTheBox, entirely AD - first get a user hash by AS-REP roasting and crack it for initial access with evil-winrm, then scrape AD information and use bloodhound to find a path to domain admin via group misconfigurations.
Love
An easy Windows box from HackTheBox, leak admin creds to a voting dashboard via SSRF and upload a webshell for initial access, then install a malicious .msi file to get SYSTEM.