I managed to get two uer accounts and a reverse shell with svc_****gr account.
Can someone give me a hint on administrator@**********l, please? Iāve been looking everywhere (I think) but canāt get from svc_*****gr account to administrator on SAUNA machineā¦
Reviewed FOREST (again) and a lot of other stuff from IPPSEC about Kerberos, Impacket, etc. Thanks in advance.
root was easy, similar to other AD machines for me harder was getting a foothold with proper username, I combine in the right way in firs time but its somehow get me an error and I spend a lot of time)
so for User1: make a list and donāt delete wrong names
User2: one tool can enumerate all you need.
Root: proper syntax that all you need.
and as always PM on any platform for any help.
I managed to get two uer accounts and a reverse shell with svc_****gr account.
Can someone give me a hint on administrator@**********l, please? Iāve been looking everywhere (I think) but canāt get from svc_*****gr account to administrator on SAUNA machineā¦
Reviewed FOREST (again) and a lot of other stuff from IPPSEC about Kerberos, Impacket, etc. Thanks in advance.
Are you watching to the end that video? It has some hints. pm for more info because of its spoiler >_<
Alright just finished this one! User is actually not hard at all, but you have to learn to stop thinking so concretely and start thinking outside of the box a little. Itās a Windows box, using Active Directory. What are some common username naming conventions? (it took me way too long to figure this part out lol). For root, just go down the basic list of Windows privesc techniques; youāll uncover a little more info along the way and use that to obtain admin access. I found getting admin easier than user just simply because I have seen the techniques before. PM me for help!
Getting tripped up a little bit with the user account, Iāve confirmed I have the username but I keep receiving āName or service not knownā when trying to grab the hash. Has anyone seen that before?
This was a fun box to do for me. I donāt have a lot of windows experience so it was very nice to learn more about common AD enumeration and exploitation techniques.
I suppose for the more veteran Windows pentesters this box is a piece of cake. But this box is definitely a way to learn the techniques and become a better Windows pentester.
This was a really good box and one that taught me quite a few new skills so thanks to the creator and also to @VbScrub for the video which got me on my way.
Lots of hints on these threads should get you all the way to root.