RE: Utilizing techniques learned in this section, find the flag hidden in the description field of a disabled account with administrative privileges. Submit the flag as the answer.
I was able to figure this out using net commands. Don’t feel like I learned enough to puzzle it out using the techniques in the Hint.
Was anyone able to complete the last problem?
The query is very difficult and I don’t know what kind of content to write…
your query is incomplete you’re missing the “*” at the end next to HTB. This will query all strings that begin with the “HTB”. If you do it without they will not be able to find anything. Thus it should be,
Everything was explained in the module.
dsquery * -filter "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=32))"
Replace 32(PASSWD_NOTREQD) to 2(ACCOUNTDISABLE).
Then “net user /domain username”
1 Like