Home

Sauna is one of the machines currently a Active machine on the HackTheBox hacking platform and is of easy difficulty. In this case it is a machine based on the Windows Operating System. Need to gather the user name from the aboutUs page, cracking the TGT of the users, cracking the hash of the user, running winPEAS, using BloodHound and mimikatz ...

Giving a try with enum4linux I was able to get some information about the machine like the usernames, password policies, etc. Finding that right password the right user took me a bit of more time than I expected.This machine is about Azure AD Connect Database Exploit. So in order to get the shell of administrator I need to have a shell of privil...

Running enum4linux against the box we got some usernames and a password for user marko . After some hit and try we got succeed to login as melanie using evil-winrm. After some manual enumeration i got a hidden file in a hidden directory. Which contains credentials of the user ryan. After Switching to ryan we came to know that ryan is in the grou...

It is a domain controller that allows me to enumerate users over RPC, attack Kerberos with AS-REP Roasting, and use Win-RM to get a shell. Let’s get started As always hacking starts with NMAP scan. Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-14 14:22 EDT Warning: 10.10.10.161 giving up on port because retransmission cap hit (10). Nmap ...

A simple python script which can be helpful to install all the necessary tools for pentesting with in a few minutes in almost any linux distribution. Me as a person who use System76 as my daily driver OS, this tool will help me install all the tools in a few minutes of time. Well the installation is quite easy. Kali Tools Visit Kali_tools I...

Mr.Robot is a series based themed CTF. It was first hosted in Vulnhub later it is available in TryHackMe!. Let’s get started As always hacking starts with NMAP scan. PORT STATE SERVICE VERSION 22/tcp closed ssh 80/tcp open http Apache httpd |_http-server-header: Apache |_http-title: Site doesn't have a title (text/html). 443/tcp o...

Blocky is a retired Windows machine that is rated as Easy on Hack the Box. It is a beginner-level machine which can be completed using publicly available exploits. Let’s get started As always hacking starts with NMAP scan. Starting Nmap 7.80 ( https://nmap.org ) at 2020-06-26 15:13 EDT Nmap scan report for 10.10.10.37 Host is up (0.015s la...

Lame is a retired Windows machine that is rated as Easy on Hack the Box. It is a beginner-level machine which can be completed using publicly available exploits. Let’s get started As always hacking starts with NMAP scan. PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 2.3.4 |_ftp-anon: Anonymous FTP login allow...