HackTheBox - Authority

00:00 - Introduction
00:58 - Start of nmap
03:30 - Taking a look at the website
05:50 - Using NetExec to search for file shares and discovering the Development share is open. Using smbclient to download everything
08:00 - Exploring the Ansible Playbooks in the Development Share to discover encrypted passwords (ansible vault)
10:00 - Converting the Ansible Vault Hashes to John/Hashcat format so we can crack them
13:30 - Decrypting the values and getting some passwords, one of which …

ansible authority development discover download encrypted file hackthebox introduction nmap passwords playbooks search share start vault website