Return to forum

rasengan · April 23, 2022 at 5:50 PM

Hey guys, I saw someone asking HTb Search machine write up, sharing my notes with you.

https://anonfiles.com/5dZ740Z2x0/Search_pdf

If you like it then give me a Rep+ BF.

ouboy · April 23, 2022 at 8:27 PM

Nice one!

Carnival · April 24, 2022 at 3:16 PM

(April 23, 2022, 05:50 PM)拉森甘 Wrote: 大家好，我看到有人问 HTb Search machine 写出来，和你们分享我的笔记。

https://anonfiles.com/5dZ740Z2x0/Search_pdf

如果您喜欢，请给我一个 Rep+ BF。

老实说，我有一个问题。关于 PowerShell 访问密码？你在哪里找到的，塞拉弗莱的密码？

Himitsu · April 27, 2022 at 7:28 AM

(April 24, 2022, 03:16 PM)Carnival Wrote:
(April 23, 2022, 05:50 PM)拉森甘 Wrote: 大家好，我看到有人问 HTb Search machine 写出来，和你们分享我的笔记。

https://anonfiles.com/5dZ740Z2x0/Search_pdf

如果您喜欢，请给我一个 Rep+ BF。

老实说，我有一个问题。关于 PowerShell 访问密码？你在哪里找到的，塞拉弗莱的密码？

Using "edgar.jacobs" account you can access resource like below and download the Excel sheet:

$\> smbclient //search.htb/RedirectedFolders$ -U edgar.jacobs Enter WORKGROUP\edgar.jacobs's password:
Try "help" to get a list of possible commands.
smb: \> cd edgar.jacobs\Desktop\
smb: \edgar.jacobs\Desktop\> ls
. DRc .. DRc $RECYCLE.BIN DHSc desktop.ini AHSc Microsoft Edge.lnk Ac Phishing_Attempt.xlsx Ac
    0  Mon Aug 10 10:02:16 2020
    0  Mon Aug 10 10:02:16 2020
    0  Thu Apr  9 20:05:29 2020
  282  Mon Aug 10 10:02:16 2020
1450  Thu Apr  9 20:05:03 2020
23130  Mon Aug 10 10:35:44 2020
                3246079 blocks of size 4096. 458055 blocks available
smb: \edgar.jacobs\Desktop\> get Phishing_Attempt.xlsx

Then upload it in Google drive and open it with Google sheet then you can see the password protected tab.
Here you found the password of Sierra then you can use it with the PS script.

Carnival · May 4, 2022 at 3:17 PM

(April 27, 2022, 07:28 AM)喜光 Wrote:
(April 24, 2022, 03:16 PM)狂欢 Wrote:
(April 23, 2022, 05:50 PM)拉森甘 Wrote: 大家好，我看到有人问HTb Search machine写出来，和你们分享我的笔记。

https://anonfiles.com/5dZ740Z2x0/Search_pdf

如果你喜欢，请给我一个Rep+ BF。

老实说，我有一个问题。关于 PowerShell 访问密码？你在哪里找到，塞拉弗莱的密码？

使用“edgar.jacobs”帐户，您可以访问以下资源并下载 Excel 表格：在这里您找到了 Sierra 的密码，然后您可以将其与 PS 脚本一起使用。
$\> smbclient //search.htb/RedirectedFolders$ -U edgar.jacobs Enter WORKGROUP\edgar.jacobs's password:
Try "help" to get a list of possible commands.
smb: \> cd edgar.jacobs\Desktop\
smb: \edgar.jacobs\Desktop\> ls
. DRc .. DRc $RECYCLE.BIN DHSc desktop.ini AHSc Microsoft Edge.lnk Ac Phishing_Attempt.xlsx Ac
    0  Mon Aug 10 10:02:16 2020
    0  Mon Aug 10 10:02:16 2020
    0  Thu Apr  9 20:05:29 2020
  282  Mon Aug 10 10:02:16 2020
1450  Thu Apr  9 20:05:03 2020
23130  Mon Aug 10 10:35:44 2020
                3246079 blocks of size 4096. 458055 blocks available
smb: \edgar.jacobs\Desktop\> get Phishing_Attempt.xlsx

明白了！我也发现了？我输入的时候输入了错误的密码。。。