Introduction: The purpose of this blog is to document the steps I took to complete hacking task of HackTheBox (https://www.hackthebox.eu/) machine that included capturing user and root flag of Sauna (https://www.hackthebox.eu/home/machines/profile/229). Resources/Tools Used: nmap smbclient Impacket’s GetNPUser.py script (https://raw.githubusercontent.com/SecureAuthCorp/impacket/master/examples/GetNPUsers.py) john evil-WinRM winPEAS mimikatz Process Followed: After connecting to HTB lab through VPN, started Sauna (10.10.10.175)Continue reading “Sauna – HackTheBox Walkthrough”
Tag Archives: Evil-WinRM
Silo – HackTheBox Walkthrough
Introduction: The purpose of this blog is to document the steps I took to complete hacking task of Silo (https://www.hackthebox.eu/home/machines/profile/131) machine from HackTheBox (https://www.hackthebox.eu/). Resources/Tools Used: nmap smbclient Metasploit ODAT (https://github.com/quentinhardy/odat) evil-winrm volaility https://www.rapid7.com/db/modules/auxiliary/scanner/oracle/tnspoison_checker https://www.rapid7.com/db/modules/auxiliary/scanner/oracle/sid_brute https://github.com/quentinhardy/odat/wiki https://redteamtutorials.com/2018/10/24/msfvenom-cheatsheet/ Process Followed: After connecting HTB lab through VPN, started Silo (10.10.10.82) machine. To check the available services, scannedContinue reading “Silo – HackTheBox Walkthrough”
Monteverde – HackTheBox Walkthrough
Introduction: The purpose of this blog is to document the steps I took to complete hacking task of Monteverde machine from Hack The Box (HTB). Resources/Tools Used: nmap smbclient enum4linux Metasploit evil-winrm winPEAS https://blog.xpnsec.com/azuread-connect-for-redteam/ https://github.com/Hackplayers/PsCabesha-tools/blob/master/Privesc/Azure-ADConnect.ps1 Process Followed: After connecting HTB lab through VPN, started Monteverde (10.10.10.172) machine. To check the available services, I scanned theContinue reading “Monteverde – HackTheBox Walkthrough”
Resolute – HackTheBox Walkthrough
Introduction: The purpose of this blog is to document the steps I took to complete hacking task of Resolute machine from Hack The Box (HTB). Resources/Tools Used: nmap smbclient enum4linux Metasploit evil-winrm winPEAS https://medium.com/techzap/dns-admin-privesc-in-active-directory-ad-windows-ecc7ed5a21a2 https://www.abhizer.com/windows-privilege-escalation-dnsadmin-to-domaincontroller/ msfvenom Process Followed: After connecting HTB lab through VPN, started Resolute (10.10.10.169) machine. To check the available services, I scannedContinue reading “Resolute – HackTheBox Walkthrough”
Blog 