From Zero to Domain Admin
https://thedfirreport.com/2021/11/01/from-zero-to-domain-admin/
#blueteam #writeup
https://thedfirreport.com/2021/11/01/from-zero-to-domain-admin/
#blueteam #writeup
The DFIR Report
From Zero to Domain Admin
Intro This report will go through an intrusion from July that began with an email, which included a link to Google’s Feed Proxy service that was used to download a malicious Word document. Up…
HackTheBox - PivotAPI
https://youtu.be/FbTxPz_GA4o
https://youtu.be/hzsGMj9C8Nw
https://0xdf.gitlab.io/2021/11/06/htb-pivotapi.html
#htb #writeup #ad #reverse
https://youtu.be/FbTxPz_GA4o
https://youtu.be/hzsGMj9C8Nw
https://0xdf.gitlab.io/2021/11/06/htb-pivotapi.html
#htb #writeup #ad #reverse
YouTube
HackTheBox - PivotAPI
00:00 - Intro
01:00 - Start of nmap, downloading files over FTP
05:25 - The contents of all the PDF's don't really help. Using exiftool to extract authors.
08:20 - Using Kerbrute to bruteforce valid users and getting ASREP Hash. It is ETYPE 18, which hashcat…
01:00 - Start of nmap, downloading files over FTP
05:25 - The contents of all the PDF's don't really help. Using exiftool to extract authors.
08:20 - Using Kerbrute to bruteforce valid users and getting ASREP Hash. It is ETYPE 18, which hashcat…