“Restore the directory containing the files needed to obtain the password hashes for local users. Submit the Administrator hash as the answer.”
I can easily restore the restic backups, but downloading the SAM and SYSTEM files to my Kali box and running samdump2 yields null passwords for all local users. I believe that samdump2 no longer works with modern Windows SAM/SYSTEM dumps.
After downloading the SAM and SYSTEM files to my Kali, I used secretsdump.py instead of samdump2 and I got the “real” hashes, not the “null” hashes! Boom!
can you give a hint on how to find and download the cookie in the previous question in this section
" Log in as Grace and find the cookies for the slacktestapp.com website. Use the cookie to log in into slacktestapp.com from a browser within the RDP session and submit the flag."
Hi, I got the hash using a tool, but I have no way to determine which one is mine
[*] Dumping local SAM hashes (uid:rid:lmhash:nthash)
Administrator:500:aad3bwd3b51506eeaad3b435b51404ee:20ff3655bfbs1119d751d9b012547236:::
This is the hash I got, can you tell me the format of the answer? I did some obfuscation with this hash, it’s not the correct hash
I’m stuck on the Pillaging and Miscellaneous Techniques modules of the Windows Privilege Escalation module, I have the administrator’s hashes etc. files, but I can’t get the answer
Can you show me your WIndows Privilege Escalation and ACTIVE DIRECTORY ENUMERATION & ATTACKS notes? I have been stuck in these two modules, I really want to get a little permission but there is no way to solve it, my Google mailbox is 1489481887jlb@gmail.com Thank you
I did a while ago. I made notes for every module i did. Send me your gmail email address and I’ll share my notes with you. They are in my Google Drive.