lazyhacker 2 months ago
Illusion #hackthebox

Administrator HTB Writeup | HacktheBox

In the off-season, HackTheBox's Administrator machine takes us through an Active Directory environment for privilege escalation. We begin with a low-privilege account, simulating a real-world penetration test, and gradually elevate our privileges. This machine is relatively straightforward, making it ideal for practicing BloodHound analysis.

└─$ nmap -sVC 10.10.11.42                       
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-11-13 08:17 EST
Nmap scan report for 10.10.11.42
Host is up (0.17s latency).
Not shown: 988 closed tcp ports (reset)
PORT     STATE SERVICE       VERSION
21/tcp   open  ftp           Microsoft ftpd
| ftp-syst: 
|_  SYST: Windows_NT
53/tcp   open  domain        Simple DNS Plus
88/tcp   open  kerberos-sec  Microsoft Windows Kerberos (server time: 2024-11-13 20:17:12Z)
135/tcp  open  msrpc         Microsoft Windows RPC
139/tcp  open  netbios-ssn   Microsoft Windows netbios-ssn
389/tcp  open  ldap          Microsoft Windows Active Directory LDAP (Domain: administrator.htb0., Site: Default-First-Site-Name)
445/tcp  open  microsoft-ds?
464/tcp  open  kpasswd5?
593/tcp  open  ncacn_http    Microsoft Windows RPC over HTTP 1.0
636/tcp  open  tcpwrapped
3268/tcp open  ldap          Microsoft Windows Active Directory LDAP (Domain: administrator.htb0., Site: Default-First-Site-Name)
3269/tcp open  tcpwrapped
Service Info: Host: DC; OS: Windows; CPE: cpe:/o:microsoft:windows


Host script results:
| smb2-time: 
|   date: 2024-11-13T20:17:23
|_  start_date: N/A
| smb2-security-mode: 
|   3:1:1: 
|_    Message signing enabled and required
|_clock-skew: 7h00m01s


Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 35.47 seconds


Let's add administrator.htb to the /etc/hosts file:

echo " 10.10.11.42 administrator.htb" | sudo tee -a /etc/hosts

Access is restricted by HackTheBox rules#
The solution to the problem can be published in the public domain after her retirement.
Look for a non-public solution to the problem in the telegram channel .
0
4.2K

CS cybersecurity crisis

defaultuser.png
Kend
1 year ago

White box testing

https://lh3.googleusercontent.com/a/ACg8ocIkM8EGIx0gz9GUP_nM6_sMxivr6876Wp0e9MAp6mGc=s96-c
xone
9 months ago

The golden Era of technology

defaultuser.png
Kend
1 year ago
one-line web server

one-line web server

defaultuser.png
lazyhacker
1 year ago
Mist HTB Writeup | HacktheBox

Mist HTB Writeup | HacktheBox

https://lh3.googleusercontent.com/a/ACg8ocIkM8EGIx0gz9GUP_nM6_sMxivr6876Wp0e9MAp6mGc=s96-c
xone
10 months ago