[MEDIUM]

PLATFORM: HackTheBox TYPE: Machine

🎯 Certified

#Windows #Active-Directory #ADCS #ESC9 #DACL-Abuse #WriteOwner #GenericWrite #GenericAll #Shadow-Credentials #Targeted-Kerberoasting #UPN-Spoofing #Certipy #Kerberos #Pass-The-Hash

READ_FULL_REPORT ->

[HARD]

PLATFORM: HackTheBox TYPE: Machine

🎯 Certificate

#Windows #Active-Directory #ADCS #ESC3 #Null-Byte-Injection #Zip-Bypass #Pcap-Analysis #AS-REQ-Carving #Kerberos #SeManageVolumePrivilege #ACL-Abuse #EFS-Encryption #Certutil #Golden-Certificate #Forged-CA #Certipy #Pass-The-Hash

READ_FULL_REPORT ->

[INSANE]

PLATFORM: HackTheBox TYPE: Machine

🎯 Hathor

#Windows #Active-Directory #mojoPortal #Default-Credentials #Arbitrary-File-Upload #ASPX-Web-Shell #DLL-Hijacking #AutoIt3 #PFX-Cracking #Code-Signing #Authenticode #PowerShell-Bypass #AllSigned #Kerberos #Pass-the-Ticket #DCSync #WMIexec

READ_FULL_REPORT ->

[INSANE]

PLATFORM: HackTheBox TYPE: Machine

🎯 Sizzle

#Windows #Active-Directory #SMB-Abuse #Coerced-Authentication #SCF-Abuse #Responder #Password-Cracking #ADCS #Certificate-Enrollment #Evil-WinRM #AMSI-Bypass #Constrained-Language-Mode #Kerberoasting #Rubeus #BloodHound #DCSync #Mimikatz #Pass-the-Hash

READ_FULL_REPORT ->

[INSANE]

PLATFORM: HackTheBox TYPE: Machine

🎯 Rebound

#Windows #Active-Directory #SID-Enumeration #AS-REP-Roasting #Kerberoasting #Password-Cracking #BloodHound #Password-Spraying #ACL-Abuse #Shadow-Credentials #Pass-the-Hash #Cross-Session-Attack #NTLM-Relay #DCOM-Coercion #gMSA-Abuse #Resource-Based-Constrained-Delegation #RBCD #Constrained-Delegation #S4U2Self #S4U2Proxy #Pass-the-Ticket #DCSync

READ_FULL_REPORT ->

[HARD]

PLATFORM: HackTheBox TYPE: Machine

🎯 Snoopy

#Linux #LFI #DNS #Zone-Transfer #DNS-Zone-Hijack #SMTP #Mailserver #SSH-Honeypot #Credential-Capturing #MitM #CVE-2023-23946 #CVE-2023-20052

READ_FULL_REPORT ->

[INSANE]

PLATFORM: HackTheBox TYPE: Machine

Coming soon.

READ_FULL_REPORT ->

[HARD]

PLATFORM: HackTheBox TYPE: Machine

🎯 Redelegate

#Windows #Active-Directory #Kerberos #Keepass #FTP #Weak-Passwords #MSSQL #Password-Spray #ForceChangePassword #GenericAll #SeEnableDelegationPrivilege #SeMachineAccountPrivilege #Constrained-Delegation #MachineAccountQuota #Protocol-Transition #msDS-AllowedToDelegateTo #Delegation #S4U #S4U2Self #S4U2Proxy #DCSync #Pass-The-Hash #ACL-Abuse

READ_FULL_REPORT ->

[MEDIUM]

PLATFORM: HackTheBox TYPE: Machine

🎯 Craft

#Linux #Virtual-Host #Gogs #Git #Commit-History #RCE #MySQL #Vault #HashiCorp-Vault

READ_FULL_REPORT ->

[MEDIUM]

PLATFORM: HackTheBox TYPE: Machine

🎯 Authority

#Windows #Active-Directory #Kerberos #Ansible #Ansible-Vault #PWM #Configuration-Editor #LDAP-Interception #ESC1 #PKINIT #Schannel #RBCD #S4U2Proxy

READ_FULL_REPORT ->

[MEDIUM]

PLATFORM: HackTheBox TYPE: Machine

🎯 VulnCicada

#Windows #Active-Directory #Kerberos #Relay #DNS-Spoofing #Kerberos-Relay #NFS #ADCS #Coercion #DCSync #Overpass-the-Hash #ESC8 #Web-Enrollment

READ_FULL_REPORT ->

[MEDIUM]

PLATFORM: HackTheBox TYPE: Machine

🎯 Voleur

#Windows #Active-Directory #Kerberos #Restore-Users #Restore-ADObject #ACL-Abuse #Targeted-Kerberoasting #DPAPI-Abuse #Backup-Service #Registry-Hive #ntds.dit #SYSTEM-Hive #SECURITY-Hive

READ_FULL_REPORT ->

[MEDIUM]

PLATFORM: HackTheBox TYPE: Machine

🎯 Media

#Windows #Windows-Media-Player #NTLM-Leak #mklink #symlink #Broken-Access-Control #Arbitrary-File-Upload #RCE #SeImpersonatePrivilege #FullPowers #Potato

READ_FULL_REPORT ->

[MEDIUM]

PLATFORM: HackTheBox TYPE: Machine

🎯 Administrator

#Windows #Active-Directory #GenericAll #ForceChangePassword #FTP #ACL-Abuse #Hash-Cracking #Shadow-Credentials #Targeted-Kerberoasting #DCSync

READ_FULL_REPORT ->

[MEDIUM]

PLATFORM: HackTheBox TYPE: Machine

Coming soon.

READ_FULL_REPORT ->

[MEDIUM]

PLATFORM: HackTheBox TYPE: Machine

🎯 Pov

#Windows #.NET #ASPX #ysoserial #Local-File-Read #Deserialization #RCE #Credential-Decryption #SeDebugPrivilege #Impersonation

READ_FULL_REPORT ->

[EASY]

PLATFORM: HackTheBox TYPE: Machine

🎯 Postman

#Linux #Redis #John #Webmin

READ_FULL_REPORT ->

[HARD]

PLATFORM: HackTheBox TYPE: Machine

🎯 Pirate

#Windows #Pre2k #Password-Spraying #Active-Directory #Kerberos #S4U #Impersonation #Constrained-Delegation #gMSA #Shadow-Credentials #PetitPotam #SPN-Manipulation

READ_FULL_REPORT ->

[MEDIUM]

PLATFORM: HackTheBox TYPE: Machine

🎯 Jeeves

#Windows #Jenkins #Groovy #Token-Impersonation #SeImpersonatePrivilege #Alternate-Data-Stream

READ_FULL_REPORT ->

[HARD]

PLATFORM: HackTheBox TYPE: Machine

🎯 Garfield

#Windows #Active-Directory #WriteProperty #Logon-Scripts #scriptPath-Hijack #SYSVOL #ForceChangePassword #ACL-Abuse #Impersonation #RODC #Machine-Account-Takeover #Constraned-Delegation #Protocol-Transition #S4U2Self

READ_FULL_REPORT ->

[EASY]

PLATFORM: HackTheBox TYPE: Machine

🎯 Fluffy

#Windows #Active-Directory #Share-Write #CVE-2025-24071 #NetNTLMv2 #NetNTLMv2-Capture #GenericAll #CA_SVC #Shadow-Credentials #ESC16 #ACL-Abuse

READ_FULL_REPORT ->

[MEDIUM]

PLATFORM: HackTheBox TYPE: Machine

🎯 Overwatch

#Windows #Reverse-Engineering #MSSQL #DNS-Spoofing #SOAP #OS-Command-Injection

READ_FULL_REPORT ->