• Search for:

    Tag Archives: Wireshark

    1. Home  - 
    2. Posts tagged "Wireshark"
    4 Oct, 2025
    Hack The Box: Certificate Machine Walkthrough – Hard Difficulty
    Hard Machine , , , , , , , , , , , , , , ,

    I recently completed the “Certificate” challenge on Hack The Box: after extracting and cracking a captured authentication hash I gained access to a user account (lion.sk) and retrieved the user flag, then progressed to full system compromise by responsibly exploiting weak certificate‑based authentication controls—obtaining and converting certificate material into elevated credentials to capture the root flag. The exercise reinforced how misconfigurations in certificate services and poor time synchronization can create powerful escalation paths, and highlighted the importance of least‑privilege, strict enrollment policies, and monitoring certificate issuance. Great hands‑on reminder that defensive hygiene around PKI and identity services matters.

    #CyberSecurity #HTB #Infosec #ADCS #Certificates #PrivilegeEscalation #RedTeam #Pentesting …

    Learn MoreHack The Box: Certificate Machine Walkthrough – Hard Difficulty

    14 Jun, 2025
    Hack The Box: Inflitrator Machine Walkthrough – Insane Difficulity
    Insane Machine , , , , , , , , , , , , , , , , , ,

    Successfully completed a two-stage Active Directory exploitation scenario involving both user access and privilege escalation. The first stage focused on identifying accounts that did not require Kerberos pre-authentication (AS-REP Roasting), allowing extraction and cracking of a user password hash to gain remote access and retrieve the user flag. In the second stage, a misconfigured certificate template (ESC4 vulnerability) within Active Directory Certificate Services was exploited to request a certificate impersonating a privileged user. This enabled full administrative access and retrieval of the root flag.

    #CyberSecurity #ActiveDirectory #RedTeam #Kerberos #PrivilegeEscalation #ASREP #ADCS #ESC4 #PenetrationTesting #Infosec #HackTheBox #WindowsSecurity #CTF
    Successfully completed a two-stage Active Directory exploitation scenario involving both user access and privilege escalation. The first stage focused on identifying accounts that did not require Kerberos pre-authentication (AS-REP Roasting), allowing extraction and cracking of a user password hash to gain remote access and retrieve the user flag. In the second stage, a misconfigured certificate template (ESC4 vulnerability) within Active Directory Certificate Services was exploited to request a certificate impersonating a privileged user. This enabled full administrative access and retrieval of the root flag.

    #CyberSecurity #ActiveDirectory #RedTeam #Kerberos #PrivilegeEscalation #ASREP #ADCS #ESC4 #PenetrationTesting #Infosec #HackTheBox #WindowsSecurity #CTF

    Learn MoreHack The Box: Inflitrator Machine Walkthrough – Insane Difficulity

    22 Jun, 2024
    Hack The Box: Office Machine Walkthrough – Hard Difficulty
    Hard Machine , , , , , , , , , , , , ,

    In this post, I would like to share a walkthrough of the Office Machine from Hack the Box This room will be considered a Hard machine on Hack the Box What will you gain from the Office machine? For the user flag, you need to

    Continue ReadingHack The Box: Office Machine Walkthrough – Hard Difficulty

    6 Feb, 2023
    Hack The Box: Response Machine Walkthrough – Insane Difficulty
    Insane Machine , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

    In this post, I would like to share a walkthrough of the Response Machine from Hack the Box This room will be considered an Insane machine on Hack the Box What will you gain from the Response machine? For the user

    Continue ReadingHack The Box: Response Machine Walkthrough – Insane Difficulty

    11 Jul, 2022
    HackTheBox: Carpediem Machine Walkthrough – Hard Difficulty
    Hard Machine , , , , , , , , , , , , , , , , , , , , , ,

    In this post, I would like to share a walkthrough of the Carpediem Machine from Hack the Box This room will be considered an Hard machine on Hack The box What will you gain from the Carpediem machine? For the user flag,

    Continue ReadingHackTheBox: Carpediem Machine Walkthrough – Hard Difficulty

    7 Jun, 2021
    Hackthebox: Cap Machine Walkthrough – Easy Difficulty
    Easy Machine , , , , , , , , ,

    In this post, i would like to share a walkthrough on CAP Machine. This room is been considered difficulty rated as an EASY machine Information Gathering on cap machine Once we have started the VPN connection, we can start the information gathering on the

    Continue ReadingHackthebox: Cap Machine Walkthrough – Easy Difficulty