Yea I ended up finding it, but I can’t get my payloads to work, I uploaded nc.exe in the dc. Cant seem to get any of the sliver payloads to work
So you have a session as NT Service\MSSQL$SQLEXPRESS in DC02 right!? This account has SeImpersonatePrivilege.
You can ‘execute-assembly /home/htb-ac-799850/GodPotato-NET4.exe -cmd “whoami”’ and it should get you SYSTEM