Blackfield Write-Up by T13nn3s

My write-up of the box Blackfield. If you have any improvements or additions I would like to hear! I look forward to learning from you guys!

This was my first Windows Hard box :slight_smile:

Hey, Nice writeup. How did you find that user ‘support’ has ‘Password changing’ privileges over the user ‘audit2020’?

Rpcclient ‘enumprivs’ doesn’t show the exact privileges. I found it only by running Bloodhound on it.

Great writeup as always, expected nothing less :smile: hope you continue doing them!

Oh and one last question, how did you learn to get so good with powershell? I find powershell so hard to work with, its syntax is very confusing, was there anything in particular you did to improve? sorry if my question is a bit off-topic.

Type your comment> @gunroot said:

Hey, Nice writeup. How did you find that user ‘support’ has ‘Password changing’ privileges over the user ‘audit2020’?

Rpcclient ‘enumprivs’ doesn’t show the exact privileges. I found it only by running Bloodhound on it.

Hi gunroot, thanks again for your comment! From a logical approach, I know that ‘support’ has the permissions to change a password. This account is apparently a Service Desk account. An IT Service Desk usually has the permissions to create, view, and change user accounts.

@PapyrusTheGuru said:
Great writeup as always, expected nothing less :smile: hope you continue doing them!

Oh and one last question, how did you learn to get so good with powershell? I find powershell so hard to work with, its syntax is very confusing, was there anything in particular you did to improve? sorry if my question is a bit off-topic.

Hi PapyrusTheGuru, thanks for appreciating my write-ups! I put much effort in and I’m also learning from my own write-ups :slight_smile:

I’m a former Windows Engineer before I moved to IT Security Engineer. I have written many Powershell Scripts and still write them. Powershell in an object-oriented scripting language, just like Python and Java. If you understand the principle of object-oriented scripting, Powershell is not that difficult to read anymore. I have posted my Discord name on the ‘About’ section, so if you have Powershell questions, just drop them in the Discord chat. I am happy to answer all your questions!

Type your comment> @T13nn3s said:

@PapyrusTheGuru said:
Great writeup as always, expected nothing less :smile: hope you continue doing them!

Oh and one last question, how did you learn to get so good with powershell? I find powershell so hard to work with, its syntax is very confusing, was there anything in particular you did to improve? sorry if my question is a bit off-topic.

Hi PapyrusTheGuru, thanks for appreciating my write-ups! I put much effort in and I’m also learning from my own write-ups :slight_smile:

I’m a former Windows Engineer before I moved to IT Security Engineer. I have written many Powershell Scripts and still write them. Powershell in an object-oriented scripting language, just like Python and Java. If you understand the principle of object-oriented scripting, Powershell is not that difficult to read anymore. I have posted my Discord name on the ‘About’ section, so if you have Powershell questions, just drop them in the Discord chat. I am happy to answer all your questions!

Hey, thanks for answering the question! I’m definitely looking into learning more PowerShell, and also it’s awesome to hear you were a former Windows engineer.

@PapyrusTheGuru I’m a chemical engineer. Lol ??

Type your comment> @gunroot said:

@PapyrusTheGuru I’m a chemical engineer. Lol ??

How you’re able to be chemical engineer I will truly never fathom, it’s too hard for me to comprehend lmfao. Respect to you though ?