CrackMapExec

Hack The Box: EscapeTwo Machine Walkthrough – Easy Difficulty

🔒 My Write-Up for the EscapeTwo Machine on Hack The Box 🔍

I’m excited to share my detailed write-up for solving the beginner-friendly “EscapeTwo” machine on Hack The Box, showcasing skills in network enumeration and privilege escalation. First, to capture the user flag, I scanned for open ports, accessed SMB shares, uncovered a password, and leveraged the Ryan account’s elevated permissions to retrieve the flag remotely. Next, for the root flag, I escalated privileges by exploiting an Active Directory misconfiguration. Then, using the Ryan account, I employed tools to identify and modify permissions, thereby gaining control over a privileged account. With this control, I acquired a certificate, subsequently authenticated as an administrator, and finally captured the root flag. This challenge strengthened my expertise in Active Directory security and penetration testing. Check out the full write-up for a deep dive!

#Cybersecurity #HackTheBox #EthicalHacking #PenetrationTesting #ActiveDirectory

The post Hack The Box: EscapeTwo Machine Walkthrough – Easy Difficulty appeared first on Threatninja.net.

May 24, 2025
0 comment
Read More >>

Hack The Box: Administrator Walkthrough Medium Difficulty

Chained privilege escalation on an AD environment via misconfigured permissions — no CVEs, just clever abuse of default rights. From Olivia to Emily to Ethan, we pivoted through user relationships using BloodHound, CrackMapExec, Kerberoasting, and WinRM access. Highlighting how overlooked configurations can lead to full domain compromise.

#ActiveDirectory #PrivilegeEscalation #BloodHound #Kerberoasting #HackTheBox #RedTeam #CyberSecurity #WindowsPentest

The post Hack The Box: Administrator Walkthrough Medium Difficulty appeared first on Threatninja.net.

April 19, 2025
0 comment
Read More >>

AS-REP Roasting

Active Directory users that have the Kerberos pre-authentication enabled and require access to a resource initiate the Kerberos authentication process by sending an Authentication Server… Continue reading → AS-REP Roasting

February 20, 2024
0 comment
Read More >>

AS-REP Roasting

Active Directory users that have the Kerberos pre-authentication enabled and require access to a resource initiate the Kerberos authentication process by sending an Authentication Server… Continue reading → AS-REP Roasting

February 20, 2024
0 comment
Read More >>

Hack The Box: Absolute Machine Walkthrough – Insane Difficulty

In this post, I would like to share a walkthrough of the Absolute Machine from Hack the Box This room will be considered an Insane machine on Hack the Box What will you gain from the Absolute machine? For the user flag, you will need to abuse the vulnerability with AS-REP-Roast to retrieve credentials and figure […]

The post Hack The Box: Absolute Machine Walkthrough – Insane Difficulty appeared first on Threatninja.net.

May 27, 2023
0 comment
Read More >>