all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Hack the Box: Forest (OSCP like boxes and beyond)

Add to bookmarks
Oct. 13, 2023, 3:51 p.m. | Ryan Yager

System Weakness - Medium systemweakness.com

Today we will be looking at a retired HTB Machine Forest, which is an Active Directory machine. This machine is part of the Beyond this Module in Hack The Box Academy, Active Directory Enumeration and attacks. Starting off as usual with a port scan we see the following:

We utilized rustscan above with the command:

rustscan --ulimit 5000 -a 10.10.10.161 -- -Pn

We see a couple of different attack vectors that we can check for, null SMB session, anonymous RPC …

active directory forest hacking hack-the-box-writeup pass the hash

Visit resource

More from systemweakness.com / System Weakness - Medium

First AD home lab 14 hours ago | systemweakness.com
access active directory building can +17
3 Steps to protect yourself from Prompt Injection 14 hours ago | systemweakness.com
prompt-engineering prompt injection security
Clocky | TryHackMe Write-up 1 day, 12 hours ago | systemweakness.com
ctf ctf-writeup tryhackme tryhackme-walkthrough +1
Bypassing Aquatone’s lack of ability to take screenshots of private websites 1 day, 12 hours ago | systemweakness.com
automation cybersecurity hacking pentesting +1
Tuesday Morning Threat Report: Apr 30, 2024 1 day, 12 hours ago | systemweakness.com
analysis artificial intelligence bad customers +21
Staying Anonymous — Ethical Hacking as a Beginner [09] 1 day, 12 hours ago | systemweakness.com
anonymous beginner communication cybersecurity +22
Safeguarding the Virtual Frontier 1 day, 12 hours ago | systemweakness.com
awareness click collaboration critical +24
The Ultimate Guide to CISSP’s Eight Security Territories 1 day, 12 hours ago | systemweakness.com
bug bounty cybersecurity information security information technology +1
Keep your API keys safe (OpenAI, Together AI, etc.) 1 day, 12 hours ago | systemweakness.com
cybersecurity data science encryption generative-ai-tools +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Cloud Security Analyst

@ Cloud Peritus | Bengaluru, India
View on infosec-jobs.com

Cyber Program Manager - CISO- United States – Remote

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com

Network Security Engineer (AEGIS)

@ Peraton | Virginia Beach, VA, United States
View on infosec-jobs.com

SC2022-002065 Cyber Security Incident Responder (NS) - MON 13 May

@ EMW, Inc. | Mons, Wallonia, Belgium
View on infosec-jobs.com

Information Systems Security Engineer

@ Booz Allen Hamilton | USA, GA, Warner Robins (300 Park Pl Dr)
View on infosec-jobs.com
View more jobs