Blue
Room Info
Name
đ Blue
Description
đ Deploy & hack into a Windows machine, leveraging common misconfigurations issues.
Target IP
đ¯
10.10.177.175
Recon
Exploitation
Privilege Escalation
Used payload was
windows/x64/shell/reverse_tcp
, so convert the shell to ameterpreter
shell.
My process may not run as
SYSTEM
user. Select aPID
(process ID) with theNT AUTHORITY\SYSTEM
user, and migrate my process to that one.e.g.
1284 - spoolsv.exe
Post Exploitation
Cracking
aad3b435b51404eeaad3b435b51404ee
is the LM hash for no password.
ffb43f0de35be4d9917ac0cc8ad57f8d
is the NTLM hash for alqfna22
.
Jon's credentials are jon
:alqfna22
.
Flags
In the
meterpreter
session
Last updated