Certified - Hack The Box
We began with the low-privileged user JUDITH.MADER@CERTIFIED.HTB, who had the ability to modify the owner of MANAGEMENT@CERTIFIED.HTB. By changing ownership, we added a controlled user to this grou...
Escape Two - HackTheBox
Using rose‘s SMB credentials on DC01, we accessed and extracted credentials from accounts.xlsx, including the MSSQL sa account. With mssqlclient.py, we enabled xp_cmdshell and obtained a shell as s...
Baby - Vulnlab - Windows - Easy
Baby is an Easy windows machine from Vulnlab, in which we start with ldapsearch and get a users password from a description and after resetting that users password we will be able to login to winrm...
Vintage - Hack The Box
Here’s something encrypted, password is required to continue reading.
Real World Pentest Story
Here’s something encrypted, password is required to continue reading.
Administrator - Hack The Box
Administrator is a Medium-rated Windows machine on Hack The Box that mimics real-world Active Directory pentesting. We start by using valid credentials for Olivia, who has access to change Michael’...
Flight - Hack The Box
Flight is a hard Windows machine that starts with a website with two different virtual hosts. One of them is vulnerable to LFI and allows an attacker to retrieve an NTLM hash. Once cracked, the obt...
Breach in the Cloud
Here’s something encrypted, password is required to continue reading.
