We are solving Anubis, a 50-point windows machine on HackTheBox which involves an ASP template injection, windows containers, and stealing hashes with Responder. Later we'll escalate privileges using noPAC.
We are solving Vault from PG Practice. This machine involves planting malicious files on an SMB share to steal hashes. For root, we will abuse GPO Permissions and explore 2 unintended privilege escalations.
We are solving Heist from PG Practice. Heist is a really cool Windows machine that involves stealing a hash, reading a gMSA password & exploiting the SeRestorePrivilege.
APT is a 50-point machine on HackTheBox which involves getting the IPv6 Address via MS-RPC, credential spraying, and reading the boxes registry remotely. For root, we force authentication of the box's machine account to our box, capture it with responder, crack it, and then use secretsdump to obtain the administrator...
In this post I will give a quick walkthrough on Giddy from hackthebox.eu. The machine involves (automated) sql injection, stealing ntlm hashes via sqli and the exploitation of vulnerable service for which a CVE exists.