Posts by Tag

• ad 1
• password spray 1
• kerberoasting 1
• keccak 1
• sqli 1
• winrm 1
• powerview 1
• vs code 1
• chisel 1
• server operators 1
• backup operators 1
• llave ssh 1
• github 1
• ftp 1
• windows 1
• arbitrary file upload 1

ad

Multimaster - Hack The Box

September 19, 2020  

Multimaster was a challenging Windows machine that starts with an SQL injection so we can get a list of hashes. The box author threw a little curve ball here and it took me a while to figure that the hash type was Keccak-384, and not SHA-384. After successfully spraying the cracked password, we exploit a local command execution vulnerability in VS Code, then find a password in a DLL file, perform a targeted Kerberoasting attack and finally use our Server Operators group membership to get the flag.

ad password spray kerberoasting keccak sqli winrm powerview vs code chisel server operators backup operators

Back to Top ↑

password spray

Multimaster - Hack The Box

September 19, 2020  

Multimaster was a challenging Windows machine that starts with an SQL injection so we can get a list of hashes. The box author threw a little curve ball here and it took me a while to figure that the hash type was Keccak-384, and not SHA-384. After successfully spraying the cracked password, we exploit a local command execution vulnerability in VS Code, then find a password in a DLL file, perform a targeted Kerberoasting attack and finally use our Server Operators group membership to get the flag.

ad password spray kerberoasting keccak sqli winrm powerview vs code chisel server operators backup operators

Back to Top ↑

kerberoasting

Multimaster - Hack The Box

September 19, 2020  

Multimaster was a challenging Windows machine that starts with an SQL injection so we can get a list of hashes. The box author threw a little curve ball here and it took me a while to figure that the hash type was Keccak-384, and not SHA-384. After successfully spraying the cracked password, we exploit a local command execution vulnerability in VS Code, then find a password in a DLL file, perform a targeted Kerberoasting attack and finally use our Server Operators group membership to get the flag.

ad password spray kerberoasting keccak sqli winrm powerview vs code chisel server operators backup operators

Back to Top ↑

keccak

Multimaster - Hack The Box

September 19, 2020  

Multimaster was a challenging Windows machine that starts with an SQL injection so we can get a list of hashes. The box author threw a little curve ball here and it took me a while to figure that the hash type was Keccak-384, and not SHA-384. After successfully spraying the cracked password, we exploit a local command execution vulnerability in VS Code, then find a password in a DLL file, perform a targeted Kerberoasting attack and finally use our Server Operators group membership to get the flag.

ad password spray kerberoasting keccak sqli winrm powerview vs code chisel server operators backup operators

Back to Top ↑

sqli

Multimaster - Hack The Box

September 19, 2020  

Multimaster was a challenging Windows machine that starts with an SQL injection so we can get a list of hashes. The box author threw a little curve ball here and it took me a while to figure that the hash type was Keccak-384, and not SHA-384. After successfully spraying the cracked password, we exploit a local command execution vulnerability in VS Code, then find a password in a DLL file, perform a targeted Kerberoasting attack and finally use our Server Operators group membership to get the flag.

ad password spray kerberoasting keccak sqli winrm powerview vs code chisel server operators backup operators

Back to Top ↑

winrm

Multimaster - Hack The Box

September 19, 2020  

Multimaster was a challenging Windows machine that starts with an SQL injection so we can get a list of hashes. The box author threw a little curve ball here and it took me a while to figure that the hash type was Keccak-384, and not SHA-384. After successfully spraying the cracked password, we exploit a local command execution vulnerability in VS Code, then find a password in a DLL file, perform a targeted Kerberoasting attack and finally use our Server Operators group membership to get the flag.

ad password spray kerberoasting keccak sqli winrm powerview vs code chisel server operators backup operators

Back to Top ↑

powerview

Multimaster - Hack The Box

September 19, 2020  

Multimaster was a challenging Windows machine that starts with an SQL injection so we can get a list of hashes. The box author threw a little curve ball here and it took me a while to figure that the hash type was Keccak-384, and not SHA-384. After successfully spraying the cracked password, we exploit a local command execution vulnerability in VS Code, then find a password in a DLL file, perform a targeted Kerberoasting attack and finally use our Server Operators group membership to get the flag.

ad password spray kerberoasting keccak sqli winrm powerview vs code chisel server operators backup operators

Back to Top ↑

vs code

Multimaster - Hack The Box

September 19, 2020  

Multimaster was a challenging Windows machine that starts with an SQL injection so we can get a list of hashes. The box author threw a little curve ball here and it took me a while to figure that the hash type was Keccak-384, and not SHA-384. After successfully spraying the cracked password, we exploit a local command execution vulnerability in VS Code, then find a password in a DLL file, perform a targeted Kerberoasting attack and finally use our Server Operators group membership to get the flag.

ad password spray kerberoasting keccak sqli winrm powerview vs code chisel server operators backup operators

Back to Top ↑

chisel

Multimaster - Hack The Box

September 19, 2020  

Multimaster was a challenging Windows machine that starts with an SQL injection so we can get a list of hashes. The box author threw a little curve ball here and it took me a while to figure that the hash type was Keccak-384, and not SHA-384. After successfully spraying the cracked password, we exploit a local command execution vulnerability in VS Code, then find a password in a DLL file, perform a targeted Kerberoasting attack and finally use our Server Operators group membership to get the flag.

ad password spray kerberoasting keccak sqli winrm powerview vs code chisel server operators backup operators

Back to Top ↑

server operators

Multimaster - Hack The Box

September 19, 2020  

Multimaster was a challenging Windows machine that starts with an SQL injection so we can get a list of hashes. The box author threw a little curve ball here and it took me a while to figure that the hash type was Keccak-384, and not SHA-384. After successfully spraying the cracked password, we exploit a local command execution vulnerability in VS Code, then find a password in a DLL file, perform a targeted Kerberoasting attack and finally use our Server Operators group membership to get the flag.

ad password spray kerberoasting keccak sqli winrm powerview vs code chisel server operators backup operators

Back to Top ↑

backup operators

Multimaster - Hack The Box

September 19, 2020  

Multimaster was a challenging Windows machine that starts with an SQL injection so we can get a list of hashes. The box author threw a little curve ball here and it took me a while to figure that the hash type was Keccak-384, and not SHA-384. After successfully spraying the cracked password, we exploit a local command execution vulnerability in VS Code, then find a password in a DLL file, perform a targeted Kerberoasting attack and finally use our Server Operators group membership to get the flag.

ad password spray kerberoasting keccak sqli winrm powerview vs code chisel server operators backup operators

Back to Top ↑

llave ssh

Configurar ssh para github

June 10, 2021  

Generar una clave ssh para trabajar en github es extremadamente sencillo, a continuación te muestro como hacerlo

llave ssh github

Back to Top ↑

github

Configurar ssh para github

June 10, 2021  

Generar una clave ssh para trabajar en github es extremadamente sencillo, a continuación te muestro como hacerlo

llave ssh github

Back to Top ↑

ftp

Devel - Hack The Box

October 10, 2021  

Devel es una maquina windows que se explota mediante un servicio FTP que tiene subida arbitraria de archivos, por medio de esta debilidad, se logra establecer una conexión al equipo victima y ejecutar comandos, luego se logra escalar privilegios por medio de un exploit conocido basado en la versión del sistema operativo.

ftp windows arbitrary file upload

Back to Top ↑

windows

Devel - Hack The Box

October 10, 2021  

Devel es una maquina windows que se explota mediante un servicio FTP que tiene subida arbitraria de archivos, por medio de esta debilidad, se logra establecer una conexión al equipo victima y ejecutar comandos, luego se logra escalar privilegios por medio de un exploit conocido basado en la versión del sistema operativo.

ftp windows arbitrary file upload

Back to Top ↑

arbitrary file upload

Devel - Hack The Box

October 10, 2021  

Devel es una maquina windows que se explota mediante un servicio FTP que tiene subida arbitraria de archivos, por medio de esta debilidad, se logra establecer una conexión al equipo victima y ejecutar comandos, luego se logra escalar privilegios por medio de un exploit conocido basado en la versión del sistema operativo.

ftp windows arbitrary file upload

Back to Top ↑