writeups

THM - Robots
THM - Robots
Created|writeups
We start with an nmap scan: The robots.txt file reveals 3 directories. Only one of them is accessible:You can now create an account and the initial password will be md5(username+ddmm)So we create a test account with a date of birth of 00/00/0000. We can then calculate the requested hash with the following bash command:Use -n to avoid line breaks. You can then connect to the test account with this password:We can see that the admin account has recently logged in, and we can also see ...
THM - Reset
THM - Reset
Created|writeups
This challenge simulates a scenario where you have to compromise an Active Directory environment.Scan nmap : In view of the open ports, we’re probably dealing with an Active Directory environment. We can try to obtain information using a few important ports: Port 53 (DNS) :The nmap scan provides us with FQDNs (Fully Qualified Domain Names) such as haystack.thm.corp. We can then ask DNS to provide us with all DNS records linked to the thm.corp domain. This can be done with the dig utility (di...
avatar
UnChleuHacker
Articles
35
Tags
35
Categories
2
Follow Me
Recent Posts
Vulnlab - Tengu
Vulnlab - Tengu
Mimikatz CheatSheet
Mimikatz CheatSheet
Vulnlab - Reflection
Vulnlab - Reflection
THM - Stealth
THM - Stealth
THM - K2
THM - K2
Categories
Tags
Sliver Spike C2 PrivEsc post-exploitation Tryhackme Vulnlab Spooler vulnlab SLIVER ActiveDirectory GPP thm Attacks NTLM Framework vulnlab,activedirectory K2 PT1 BufferOverFlow Printer TryHackme Token control RPC SMB LAPS windows RCBD laps,activedirectory GoldenTicket activedirectory Protocol thm,linux THM
Archives
Website Info
Article Count :
35
Unique Visitors :
Page Views :
Last Update :