AD ENUMERATION & ATTACKS - Living off the Land

RE: Utilizing techniques learned in this section, find the flag hidden in the description field of a disabled account with administrative privileges. Submit the flag as the answer.

I was able to figure this out using net commands. Don’t feel like I learned enough to puzzle it out using the techniques in the Hint.

Utilizing techniques learned in this section, find the flag hidden in the description field of a disabled account with administrative privileges. Submit the flag as the answer.

  1. Follow the tips to find the disabled accounts. It is better to filter by user name.
  2. Use the net command.
1 Like

Was anyone able to complete the last problem?
The query is very difficult and I don’t know what kind of content to write…

try this:-

Your query is incomplete; you're missing the "*" at the end next to "HTB". This will query all strings that begin with "HTB". If you do it without, it will not be able to find anything. Thus it should be,

1 Like

Everything was explained in the module.

dsquery * -filter "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=32))"

Replace 32 (PASSWD_NOTREQD) with 2 (ACCOUNTDISABLE).
Then “net user /domain username”

3 Likes

Hi there. In the third question you should finally perform:
1. dsquery…
2. net user <user_name> /domain
Hint: net group "Domain Admins" /domain (for <user_name>)

1 Like

For the third question:
dsquery * -filter "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=32))" -attr distinguishedName userAccountControl
This was given in the examples. Try to understand what 32 stands for. When you find it, let's look at the last part of the code. Try to make some changes by appending the title of what you need.
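The posts above describe one procedure: filter on a userAccountControl bit with the LDAP bitwise-AND matching rule (1.2.840.113556.1.4.803), then check the matching account's group membership. The following Python example is added here and is not code from the module or from anyone in this thread. It decodes userAccountControl bits into their flag names, builds the same filter string that dsquery accepts, and runs the check over a small constructed set of account records; the account names, descriptions and group memberships are made up for the example.

```python
"""Decode userAccountControl flags and emulate the dsquery bitwise filter.

Added example; the account records below are constructed sample data.
"""
from dataclasses import dataclass, field

# Well-known userAccountControl flag values (documented by Microsoft).
UAC_FLAGS = {
    0x0002: "ACCOUNTDISABLE",
    0x0010: "LOCKOUT",
    0x0020: "PASSWD_NOTREQD",
    0x0040: "PASSWD_CANT_CHANGE",
    0x0200: "NORMAL_ACCOUNT",
    0x10000: "DONT_EXPIRE_PASSWORD",
    0x40000: "SMARTCARD_REQUIRED",
    0x80000: "TRUSTED_FOR_DELEGATION",
    0x100000: "NOT_DELEGATED",
    0x400000: "DONT_REQ_PREAUTH",
    0x800000: "PASSWORD_EXPIRED",
}

# LDAP extensible-match rule for "all bits in the value are set".
LDAP_MATCHING_RULE_BIT_AND = "1.2.840.113556.1.4.803"


def decode_uac(value):
    """Return the names of the known flags set in a userAccountControl value,
    ordered by bit position (e.g. 514 -> ACCOUNTDISABLE, NORMAL_ACCOUNT)."""
    return [name for bit, name in sorted(UAC_FLAGS.items()) if value & bit]


def uac_filter(flag):
    """Build the dsquery/LDAP filter for user objects with `flag` set.
    flag=2 selects disabled accounts, flag=32 accounts with no password required."""
    return (
        "(&(objectCategory=person)(objectClass=user)"
        f"(userAccountControl:{LDAP_MATCHING_RULE_BIT_AND}:={flag}))"
    )


@dataclass
class Account:
    """Constructed stand-in for the attributes a directory query returns."""
    sam: str
    uac: int
    description: str = ""
    member_of: list = field(default_factory=list)


def find_accounts(accounts, flag):
    """Emulate the bitwise-AND rule: keep accounts where every bit of `flag` is set."""
    return [a.sam for a in accounts if a.uac & flag == flag]


def disabled_privileged(accounts, privileged_groups=("Domain Admins",)):
    """Hygiene check: disabled accounts that still hold membership in a
    privileged group. These should be removed from the group, and their
    description attribute (readable by any authenticated user by default)
    should carry nothing sensitive."""
    disabled = set(find_accounts(accounts, 0x0002))
    return [
        a.sam for a in accounts
        if a.sam in disabled and any(g in privileged_groups for g in a.member_of)
    ]


# Constructed sample records (not real directory data).
SAMPLE_ACCOUNTS = [
    Account("svc_old", 514, "Legacy service account, retired", ["Domain Admins"]),
    Account("jdoe", 512, "Standard user", ["Domain Users"]),
    Account("admin_tmp", 66048, "Temporary admin", ["Domain Admins"]),
    Account("guest2", 514, "Disabled guest", ["Domain Users"]),
]

if __name__ == "__main__":
    print(uac_filter(2))
    for acct in SAMPLE_ACCOUNTS:
        print(acct.sam, decode_uac(acct.uac))
    print("disabled but privileged:", disabled_privileged(SAMPLE_ACCOUNTS))
```

The filter string returned by `uac_filter(2)` is exactly what the posts arrive at by swapping 32 for 2; `disabled_privileged` is the follow-up step the "net group" hint performs by hand, expressed as a check an administrator can run over exported account data.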

Thanks for this, I just couldn't get the naming system.