Hack the Box: Perfection Writeup
Summary: To gain a foothold on the machine, we exploited an SSTI vulnerability in the web app. Subsequently, we discovered an email detailing the password pattern along with some hashes.…
March 2024
Hack the Box: Analytics Writeup
Summary: In our approach to solving this box, we first gained access to the machine by exploiting a pre-authentication Remote Code Execution (RCE) vulnerability found in Metabase. After that, we…
KRBTGT Password – Active Directory
What is the KRBTGT account? The user account: KRBTGT is an account that is automatically created when promoting the first domain controller of the domain (DC). This account is located…