I have figured out the hash, if it is a format error why not just say it, this is just a learning rather than a challenge, why not directly issue the format, I have spent a lot of time for this, I really want to spit on the author
Hey, you will read the exercise in the section again. There is the answer were you find the file with the cookies. If you need mor help DM me.
SOLVED!!!
Yes have finished the module already
There are more then one backup DIR \Windows\System32\config, check all
How did you do the restore? I found the password for restic.exe but it says it is the wrong password. It was right when I answered the question to backup password.
for any one stuck in the backup part, just check the modified date of the file you need to dump and chose the last updated one .
check this box
Passwords for users were changed overtime. Hash you submit as answer is outdated. Restore the most recent backup and grab the hash from there.
1 Like
They are looking for the NT part of hash only!
What method did you use to cp the .sqlite to your attack host?
I’ve gone over the exercise many times, and the Windows\System32\config folder is always empty. Can someone provide a nudge on this? No matter how many times I reset the target or do a backup restore, I get the same result.
$env:RESTIC_PASSWORD = ‘Superbackup!’
restic.exe -r E:\restic snapshots
restic.exe -r E:\restic\ restore b2f5caa0 --target C:\Restore
or other ID …let m know
Hello, here is a simple command if you want to transfer files between hosts easily :
- Create a folder named “shares” on your attack host
- RDP to your victim with the option “/dive” like this :
xfreerdp /v:IP /u:user /p:password /dynamic-resolution /drive:shares,/home/<your_htb_folder>/shares
You’ll have a shared folder with the host, and you’ll be able to transfer files easily.
I recommand you the htb module “File transfers” !
Have a great day!