Search - HackTheBox
Search Machine(10.10.11.129) Info: This was a hard windows box from HackTheBox which focused on windows Active Directory Pentesting, we will to enumerate valid users through kerberos then crack some passwords then find some certs then crack those certs then do privilege escalation by Reading password GMSA account password and reset admin account password through that and get root. This was yet another my faviourte box from htb learned so many things about pentesting Active Directory machines. How kerberosating, Kerberos, bloodhound, impacket and msrpc things work. Looking forward to doing more windows machine. Ps: I did this box after it retired and had access to ippsec video and 0xdf blog and I'm thankful to them for their work so that we can learn new stuffs. Recon: Starting with nmap port scan we get many multiple open ports as expected from windows Active Directory Machines. $ nmap -p- --min-rate 10000 10.10.11.129 Starting Nmap 7.80 ( https://nmap.org ) at 20...