TL;DR This is a writeup on Blue, which is a Windows box categorized as easy on HackTheBox, and is primarily based on exploitation of the Eternal Blue (MS17-010) vulnerability, without requiring any privilege escalation to obtain the root flag. Walkthrough This writeup explains exploitation both with and without Metasploit. Blue Writeup: […]
Devel Writeup/Walkthrough Hack the box
Devel Writeup Summary TL;DR This writeup is based on Devel, which is an easy-rated machine on HackTheBox. It starts with FTP and HTTP. I will use FTP anonymous login to upload a webshell to get a shell on the machine. Later on, I’ll use one of many Windows kernel exploits to gain a SYSTEM shell. It requires […]
Arctic Writeup / Walkthrough Hack the box
TL;DR This is a writeup on Arctic which is a Linux box categorized as easy on HackTheBox, and has Adobe’s ColdFusion as a primary service running on it. The exploitation essentially leverages enumeration and CVEs, namely Adobe ColdFusion – Directory Traversal & MS10_092. Interestingly, it does require us to escalate the user privileges for obtaining […]
Legacy Writeup/Walkthrough Hack the box
Legacy Writeup Summary TL;DR This writeup is based on Legacy on Hack the box. It was a Windows box. It starts with Samba. In this machine, Samba has two bugs: an SMB vulnerability (Eternal Blue or MS17-010) and a Remote Code Execution vulnerability (MS08-067). We have both ways to exploit the vulnerability and get the shell. […]
How to Silver Ticket Attack Active directory
So the Silver Ticket attack is one of the ways to gain domain persistence once you have gained domain admin or could somehow dump the hashes of a service account. To understand this attack, please make sure you have a good understanding of Kerberos and its process. You can read my detailed explanation here. If you have recalled […]
How to Golden Ticket Attack Active directory
So the Golden Ticket attack is one of the ways to gain domain persistence once you have gained domain admin. To understand this attack, please make sure you have a good understanding of Kerberos and its process. You can read my detailed explanation here. If you have recalled how Kerberos works let’s see where this attack […]
How to Kerberos? its components and function
Today I’ll explain what Kerberos is. First, I will explain the advantages Kerberos has over other types of authentication. Then we will dive deep into how it works as a protocol. What is Kerberos? – Kerberos Authentication Let’s say you are in an insecure network where you want to authenticate but don’t want to […]
Heist Writeup / Walkthrough Hack the box
Heist Writeup Summary TL;DR This writeup is about Heist. It was a Windows box that starts off with a web server where we log in as a guest. There we find a config file in which we find encrypted hashes. From there we get the password. We do a deep port scan and find WinRM open, we […]