Description Plattform: Hack the BoxLink: https://app.hackthebox.com/machines/123Difficulty: Medium 🟠 Enumeration NMAP We’ll find just two ports open: The ports indicate an application called Achat. A quick Google search reveals that Achat is a Windows-based chat application that supports direct messaging and file sharing within a local network. A working exploit can quickly be found using Searchsploit. …
Introduction The third server is an MX and management server for the internal network. Subsequently, this server has the function of a backup server for the internal accounts in the domain. Accordingly, a user named HTB was also created here, whose credentials we need to access. Enumeration NMAP The scan shows that some mail ports …
Important Note Enumeration NMAP Share Enumeration User Enumeration Foothold To establish a foothold, use the credentials and spawn a shell on the system using Evil-WinRM. This provides a list of existing users on the system, but the relationship between them and your access is still missing. For this, BloodHound is the best tool to use. …