DACL Attacks I: Granting Rights and Ownership last task [Skills Assessent]

easydor · August 31, 2024, 3:35pm

Hi, apparently I was able to grab flag of task 4 (“gain access to the shared folder \DC01\CEO, without changing the CEO’s password. Submit the contents of flag.txt as the answer”) but I do reset chap’s password

Any hints on how achieve same goal but without changing chap’s credentials?
Thank you!

meiyeh · December 8, 2024, 1:06pm

You can use targetedKerberoast.py and hashcat.

voyager77 · January 30, 2025, 4:46am

Can you dm?
I performed Kerberoasting on the sole member of the CEO and obtained the hash, but I was unable to crack it.
John as a same.

hashcat -m 13100 -a 0 cred.txt /usr/share/wordlists/rockyou.txt

voyager77 · January 30, 2025, 5:34am

Nvm.
Solved.

Topic		Replies	Views
Dacl attacks I academy htb academy	1	132	December 8, 2024
Password Attacks Lab - Medium Academy	65	8174	November 12, 2024
DACL Attacks II	4	213	January 29, 2025
ATTACKING COMMON SERVICES - Attacking SMB htb , academy , htb-academy	13	4449	July 11, 2024
Solving the lab Academy	16	1501	August 1, 2024

DACL Attacks I: Granting Rights and Ownership last task [Skills Assessent]

Related topics