Medium
Filtering for "Medium"
Remove filterTombwatcher
A medium Active Directory Windows machine fom Hack The Box features a series of ACL abuse to get access to WinRM on the target, and then restoring a deleted account to exploit an ADCS certificate template vulnerable to ESC15 gain access to the domain admin.
Media
A medium Windows machine from VulnLab/Hack The Box that features capturing an NetNTLMv2 from a crafted Windows Media Player file and restoring restricted privileges on the Local Service account.
Updown
A medium Linux Machine from Hack The Box that features Local File Inclusion exploitation via the
phar://wrapper.Delegate
A medium Windows Active Directory Machine from VulnLab/Hack The Box that features abusing Kerberos Unconstrained Delegation.
Sendai
A medium Active Directory Windows machine from VulnLab/Hack The Box that features Active Directory gMSA abuse and AD CS privilege escalation techniques.
Cascade
A medium Windows machine from Hack The Box that features a domain controller with anonymous LDAP bind, and reverse engineering a .NET executable with hardcoded credentials.
Breach
A Windows machine from Vulnlab/Hack The Box that teaches you how to capture NTLM authentication by placing files in shares and escalate privileges via silver tickets.
Bamboo
Learn about how to enumerate ports through squid and poking around in a web app for privilege Escalation
Fired
An intermediate Linux box that eaches you how to exploit an authentication bypass and finding credentials in config files.