Made by RebornSec ® Fuse is windows box made up by egre55, this box a good practice in the advanced enumeration on Windows machines. Without further do let’s start our work :)

Made by RebornSec ® Machine Maker(s) : polarbearer GibParadox Overview : Finding some credentials from the directory admin-dir/ Checking the files in ftp using the credentials we found Create our MySQL db and link it to adminer administration platform Get the credential and login as waldo We getUser.txt Creating file function make_archive() inside file called shutil.sh Launch shutil.sh using…

Made by RebornSec ® Machine Maker(s) : polarbearer GibParadox Overview : Finding some credentials from the directory admin-dir/ Checking the files in ftp using the credentials we found Create our MySQL db and link it to adminer administration platform Get the credential and login as waldo We getUser.txt Creating file function make_archive() inside file called shutil.sh Launch shutil.sh using…

Made by RebornSec ® This is amusing box made up preparing for the Halloween. So lets start the MAGIC.

Made by RebornSec ® This is amusing box made up preparing for the Halloween. So lets start the MAGIC.

Made by RebornSec ® Machine Maker(s) : Xh4H Overview : Retrieving some information from the defaced webpage Grabing the username and the password for the webshell (some OSINT) Replacing the webadmin ssh key with ours Login as webadmin Embedding our ssh key using luvit Login as sysadmin We getUser.txt Checking the services to find script that run every 30…

Made by RebornSec ® Machine Maker(s) : Xh4H Overview : Retrieving some information from the defaced webpage Grabing the username and the password for the webshell (some OSINT) Replacing the webadmin ssh key with ours Login as webadmin Embedding our ssh key using luvit Login as sysadmin We getUser.txt Checking the services to find script that run every 30…

Made by RebornSec ® Machine Maker(s) : egotisticalSW Overview : Retrieving some information from the webpage Enumerating LDAP and finding users Getting the hash password of our wanted user Login as fsmith We getUser.txt Finding password in logon registry Login as svc_loanmgr Uploading mimkatz and grabbing the Administrator NLTM hash Login as Administrator using Evil-winrm We get Root.txt Enumeration phase :

Made by RebornSec ® Machine Maker(s) : egotisticalSW Overview : Retrieving some information from the webpage Enumerating LDAP and finding users Getting the hash password of our wanted user Login as fsmith We getUser.txt Finding password in logon registry Login as svc_loanmgr Uploading mimkatz and grabbing the Administrator NLTM hash Login as Administrator using Evil-winrm We get Root.txt Enumeration phase :