HackTheBox and TryHackMe Walkthroughs All ACL Active Directory ADCS AS-REP Roasting daloRADIUS DCSync enumeration Evil-WinRM HackTheBox key penetration testing leveraging SNMP MSSQL

The machine LinkVortex provides an engaging challenge that combines web exploitation, source code analysis, and privilege escalation. The objective is to uncover vulnerabilities through enumeration, leverage misconfigurations to gain initial access, and exploit poorly implemented security controls to escalate privileges to root. Throughout this writeup, we will demonstrate the step-by-step process of enumeration, exploiting an exposed .git directory, analyzing source code for credentials, and escalating privileges using a vulnerable Bash script with sudo permissions.

Enumeraton • Nmap  nmap -sC -sV sightless.htbStarting Nmap 7.94SVN ( https://nmap.org ) at 2024-12-08 08:10 ESTNmap scan report for sightless.htb (10.10.11.32)Host is up (0.038s latency).Not shown: 997 closed tcp ports (reset)PORT   STATE SERVICE VERSION21/tcp open  ftp| fingerprint-strings: |   GenericLines: |    ...

Walkthrough Nmap Website hosting PDFs Usernames in Exifdata BurpSuite and Console Magic Finding a default password Password Spray and SMB Access as Tiffany.Molina Downdetector.ps1 Adding a DNS record Getting and Cracking hash of Ted.Graves Bloodhound Reading gMSA Passwords using gMSADumper...