![]() ![]() I’ll eventually get a shell by overwriting a Dll over SMB, and when that Dll is loaded, I get execution. ![]() All my efforts to get a shell are blocked, and I’ll do a deep dive analysis on the firewall and AppLocker settings. ![]() From there, I’ll figure out how to upload a webshell, and copy it to get the right extension. I’ll start with some default creds logging into a mojoPortal website. Hathor is an insane box that lives up to the difficulty. Htb-hathor ctf hackthebox nmap crackmapexec aspx mojoportal default-creds upload webshell burp burp-repeater defender applocker firewall windows-firewall youtube insomnia-webshell get-badpasswords crackstation kerberos klist kinit wireshark msfvenom dll visual-studio shortcut recycle-bin certificate pfx windows-process-monitor openssl pkcs12 crackpkcs12 authenticode sign dcsync ktutil gettgt evil-winrm wmiexec htb-anubis htb-hackback htb-scrambled ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |