This information was amazing, I was stuck with this problem. How did you figure this out ?
Certified pwned
feel free to dm for help
yo, any hint for root ?
Search for insecure misconfigured certificate templates.
no matter what request I make with neo4j I receive : âNO DATA RETURNED FROM QUERYâ
You must use certipy to search misconfigured certificate templates.
Guys, Iâve got access to ca_operator but I canât get from bloodhound what to do next. Can someone give me a hint?
Ok finally rooted the machine. Thanks to @aftershockman for the hints
Feel free to DM if you need help.
What wordlists did you used to crack the management_svc krb5tgs hash?
Do you always need to crack the pass?
Just askingâŚ
Good luck!
Thank you all for the tips!
I have the same problem did you manage to solve it ?
Hi Guys. Iâm in trouble with PE. I have a management_svc cred but i canât go forward. Any hints for me?
Thx to @Paintester I can pwned the machine Thx!
Is ntpdate what you missed? Iâm getting the same error, and ntpdate doesnât help it
nevermind, shimmied back and forth between ntpdate and ntpd -gq and it suddenly worked�
Probably. In my case it was working after 3 or 4 try.
just use faketime , itâs honestly life saving whenever ntpdate isnt working
Finally did it!
Nice box!
I have to be missing something super simple but I canât seem to make any further progress on this box. I have been able to modify the permissions and members needed to the group, I have been able to request a ticket and obtained an NT Hash⌠Not sure where to go from there. I am not sure how to use the new access/permissions to gain access to the machine.
unable to get root flag. tried everything, but unable to privesc. any hint pls??