Posts: 213 Threads: 0 Joined: N/A September 29, 2022 at 5:03 AM (September 29, 2022, 12:48 AM)lamehacker Wrote: (September 26, 2022, 10:33 AM)Exa Wrote: (September 26, 2022, 09:22 AM)samhub123 Wrote: what a nice machine. rooted.
I'm stuggling with decrypting the password. Which tool did you use?
same here bro Check out @samhub123's reply from earlier. Posts: 2 Threads: 0 Joined: N/A October 7, 2022 at 9:34 PM Hi.
anyone can please share root hash of sekhmet?
https://meowmeowattack.wordpress.com/2022/09/21/hackthebox-htb-writeup-sekmet-insane/ Posts: 9 Threads: 0 Joined: N/A October 15, 2022 at 5:07 PM Can someone please send winrm hash - having issues obtaining it :/ Posts: 129 Threads: 0 Joined: N/A October 18, 2022 at 1:50 PM I have Sekhmet CVE CVE-2022-3506.py
anyone intrested???? Posts: 21 Threads: 0 Joined: N/A October 18, 2022 at 8:07 PM (September 15, 2022, 05:39 AM)meowmeowattack Wrote: not sure what to proceed next
after inspecting the ldb file, where you can find the domain sid, a domain user and the credential hash
var/lib/sss/db/cache_windcorp.htb.ldb
the credential hash can be john'd to reveal the password of the domain user
from there, can also do impersonation to get a Administrator.ccache
but the thing is, from the dns zone transfer and other info found, there are only two hosts found in the domain, webserver and hope. and none of them has any of the smb, ldap ports open. i start to wonder where to proceed next.
it is curious though, which host is serving the ssh port, it's nowhere to be found yet.
Edit: found new hosts by cracking the known_hosts file. How can i read a ldp file? Posts: 129 Threads: 0 Joined: N/A October 19, 2022 at 2:14 PM (October 18, 2022, 05:52 PM)Hacker2222 Wrote: (October 18, 2022, 01:50 PM)Cipher Wrote: I have Sekhmet CVE CVE-2022-3506.py
anyone intrested????
that script is a virus . stop trying to get people to execute your shit virus. nothing like that bro, you can check before exploit. Some time we must be positive thinking..... Posts: 7 Threads: 0 Joined: N/A October 20, 2022 at 3:31 PM (October 19, 2022, 02:14 PM)Cipher Wrote: (October 18, 2022, 05:52 PM)Hacker2222 Wrote: (October 18, 2022, 01:50 PM)Cipher Wrote: I have Sekhmet CVE CVE-2022-3506.py
anyone intrested????
that script is a virus . stop trying to get people to execute your shit virus.
nothing like that bro, you can check before exploit. Some time we must be positive thinking..... I am interested, could you dm me please ? Posts: 129 Threads: 0 Joined: N/A October 20, 2022 at 5:54 PM (October 20, 2022, 03:31 PM)tmpuser123 Wrote: (October 19, 2022, 02:14 PM)Cipher Wrote: (October 18, 2022, 05:52 PM)Hacker2222 Wrote: (October 18, 2022, 01:50 PM)Cipher Wrote: I have Sekhmet CVE CVE-2022-3506.py
anyone intrested????
that script is a virus . stop trying to get people to execute your shit virus.
nothing like that bro, you can check before exploit. Some time we must be positive thinking.....
I am interested, could you dm me please ? check first before exploit if you dont trust :dodgy: requests and impacket two think need to check before exploit Posts: 9 Threads: 0 Joined: N/A October 23, 2022 at 11:03 AM ty my bro Posts: 1 Threads: 0 Joined: N/A October 24, 2022 at 3:57 PM Can someone tell me how to create the tunnel? I'm stuck there |
