BABY was an easy-rated Windows AD machine that involved enumerating users and their default passwords from their descriptions for initial access. The exploitation of SeBackupPrivilege permission wa...

Retro2 was an easy-rated Windows Active Directory machine on VulnLab. It involved cracking the password for an encrypted .accdb file, changing the password for a pre-Windows 2000 computer machine, ...

Machine Info Vulnnet: Active from THM was a medium-rated Windows AD machine. It involved exploiting a vulnerable Redis server to leak the NTLM hash of the enterprise-security user to gain initial ...

Machine Overview Skyfall is an Insane machine on HTB that involves bypassing a 403 error and accessing the minio metrics page, then exploiting CVE-2023-28432 to gain the minio_root_user and minio_...

Machine Info Monteverde involve credentials stuffing for initial access and exploiting Azure AD connect for privilege Escalation. User Scanning through Nmap First, we’ll use Nmap to scan the w...

Machine Info Resolute was a medium-ranked Active Directory machine that involved utilizing default credentials with password spraying to gain initial access to the box. For lateral movement, we fo...

Machine Info Authority involves dumping ansible-vault secret text from SMB shares, cracking passwords using hashcat, and decrypting clear-text usernames and passwords, which give us access to PWM ...

Machine Info PoV is a medium-rated Windows machine on HackTheBox. It involves exploiting an Insecure Deserialization Vulnerability in ASP.NET 4.5 for initial foothold. For lateral movement, we nee...

Machine Info Buziness form Hackthebox involved exploiting CVE-2023-49070 an pre-authentication Remote Code Execution (RCE) & CVE-2023-51467 an Authentication Bypass to gain initial access on b...

Machine Overview Backfield is a hard difficulty Windows machine featuring Windows and Active Directory misconfigurations. Anonymous / Guest access to an SMB share. Kerbrute identify that support u...