Password Spraying, gMSA, ADIDNS & Constrained Delegation – Intelligence @ HackTheBox
xct2021-11-26T15:57:51+00:00We are solving intelligence, a nice windows machine on HackTheBox, created by Micah. For user, we will enumerate pdfs on a webserver & will use both the content & metadata to find valid credentials of a domain user. For root, we update a DNS entry, steal a hash & dump...
LDAP, WebDAV, LAPS & Unintended Solutions – Hutch @ PG Practice
xct2021-11-20T18:22:18+00:00We are solving Hutch from PG-Practice. For user, we will get credentials from LDAP & use them to upload a web shell via Webdav. For root, we will read a LAPS password for the intended way & then explore other methods.
Active Directory, Reverse Engineering & Unintended Solutions – Pivotapi @ HackTheBox
xct2021-11-06T15:49:54+00:00We are solving Pivotapi, a 50-point Windows machine on HackTheBox. This one involves some Reverse Engineering, MSSQL, and Active Directory Attacks like Kerberoasting, ASREPRoasting, and various misconfigurations. In the end, we will explore some unintended ways to root this box.
Dynamic DNS & Command Injection – Dynstr @ HackTheBox
xct2021-10-16T12:18:35+00:00We are solving Dynstr, a 30-point Linux machine on HackTheBox that involves a Dynamic DNS Service & a Command Injection.
SSRF into Responder, gMSA Password & SeRestorePrivilege – Heist @ PG Practice
xct2021-10-09T11:35:54+00:00We are solving Heist from PG Practice. Heist is a really cool Windows machine that involves stealing a hash, reading a gMSA password & exploiting the SeRestorePrivilege.
SEH Based Buffer Overflow with Space Limitations – Kevin @ PG Practice
xct2021-09-25T10:31:41+00:00We are solving Kevin, an easy-rated Windows machine on PG Practice that involves a SEH Based Buffer Overflow.