HackTheBox Writeup — Intelligence

Port Scan / Enumeration

nmap -sC -sV -p- -Pn --min-rate=10000 -oN nmap 10.10.10.248

Way to User

From the NMAP results, it seems that the machine is taken from AD environment, but we do have Port 80 open for Web, so checking it in the browser

Way to Root

Since the environment was very limited and I didnt had proper shell to work on, I used impacket-tools for this machine, so to get the bloodhound dump, i used bloodhound.py tool

References

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store