
Hack The Box New Machine Mailing Write-up
In this post, you will learn how to solve the Mailing machine from Hack The Box. If you have any doubts, comment down below and I will help you 👇🏾
Mailing Write-up — https://www.hackerhq.tech/2024/05/mailing-htb.html
Mailing is a 20-point machine on Hack The Box that you need to tackle by capitalizing on some slip-ups made after a recent computer forensic investigation.
The investigation left behind files containing valuable insights into the machine, typically uncovered during digital forensics work.
Among these files was a dump of LSASS, which holds significant information. While gaining access to system dumps might have been pointless if all passwords were changed, that wasn’t the case here.
To gain system access on the machine, I exploited the SeBackupPrivilege to obtain a copy of NTDS.dit and then parsed it to acquire Administrator hashes.
Hacking Phases in Machine
Initial foothold:
Identify valid domain users.
Perform AS-REP Roasting attack.
Force a password change for a user. Example: Changing “audit2020” to “svc_backup”.
Escalate privileges:
Extract the password from the dump file. Example: Extracting the password from “svc_backup” to “Administrator”.
Abuse backup privilege to extract NTDS.dit and system hive.
Extract domain hashes using secretsdump.
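A defender's view of the initial-foothold phase, as an added example that is not part of the original write-up: it flags Kerberos TGT requests issued without pre-authentication (the precondition for AS-REP Roasting) and then correlates password resets performed by an account flagged that way. The account names, IP addresses and records are constructed; the keys follow the EventData fields of Windows Security events 4768 and 4724, and the events are assumed to arrive in chronological order.

```python
"""Flag the foothold chain in Windows Security events (constructed sample data)."""

WEAK_ETYPES = {"0x17", "0x18"}  # RC4-HMAC variants; cheaper to crack offline

# Constructed records; keys mirror the EventData fields of events 4768 and 4724.
SAMPLE_EVENTS = [
    {"EventID": 4768, "TargetUserName": "jdoe", "Status": "0x0",
     "PreAuthType": "2", "TicketEncryptionType": "0x12", "IpAddress": "10.0.0.21"},
    {"EventID": 4768, "TargetUserName": "svc_reports", "Status": "0x0",
     "PreAuthType": "0", "TicketEncryptionType": "0x17", "IpAddress": "10.0.0.99"},
    {"EventID": 4724, "SubjectUserName": "helpdesk", "TargetUserName": "jdoe"},
    {"EventID": 4724, "SubjectUserName": "svc_reports", "TargetUserName": "auditor"},
]


def asrep_candidates(events):
    """Return successful TGT requests (4768) issued without pre-authentication."""
    hits = []
    for ev in events:
        if ev.get("EventID") != 4768 or ev.get("Status") != "0x0":
            continue
        if ev.get("PreAuthType") == "0":
            hits.append({
                "user": ev["TargetUserName"],
                "source": ev.get("IpAddress", "?"),
                "weak_etype": ev.get("TicketEncryptionType", "").lower() in WEAK_ETYPES,
            })
    return hits


def resets_after_roast(events):
    """Return 4724 password resets performed by a previously flagged account."""
    flagged, alerts = set(), []
    for ev in events:  # events are assumed to be in chronological order
        if ev.get("EventID") == 4768 and ev.get("Status") == "0x0" \
                and ev.get("PreAuthType") == "0":
            flagged.add(ev["TargetUserName"].lower())
        elif ev.get("EventID") == 4724 \
                and ev.get("SubjectUserName", "").lower() in flagged:
            alerts.append((ev["SubjectUserName"], ev["TargetUserName"]))
    return alerts


if __name__ == "__main__":
    for hit in asrep_candidates(SAMPLE_EVENTS):
        print("no-preauth TGT:", hit)
    for actor, target in resets_after_roast(SAMPLE_EVENTS):
        print(f"reset by flagged account: {actor} -> {target}")
```

The durable fix is to require Kerberos pre-authentication on every account; the correlation only surfaces the cases where that setting was missed.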
Conclusion
Writing a write-up for the “Mailing” machine on Hack The Box is not only a valuable learning experience but also a way to contribute to the cybersecurity community. By documenting our findings and sharing them with others, we help foster knowledge sharing and skill development.