Try using Kerberos authentication
Looks like there was an additional entry I needed in my /etc/hosts file. Once I added the second entry I was able to enumerate with Bloodhound.
Hmmā¦Been staring at this Bloodhound output for awhile now and have a couple ideas but not sure how to go about executing things.
If you get stuck with bloodhound, donāt forget to edit the /etc/resolv.conf and add the nameserver for the hostā¦ jeeez I was stuck with errors for a while before I solved that partā¦
Iām kinda stucked:
- User P.Rosa can only enumerate through LDAP.
- Bloodhound shows she has no capabilities to do anything to anyone.
- bloodhound shows no sensitive info of any other user for lateral movement.
- In the attack surface I have only got two non crackeable hashes.
Any hint or help on how to continue?
Does your Bloodhound reveal anything else? Potentially a vintage computer name which has a vulnerable credentialsā¦
bloodhound-python say it can not resolve FS01.vintage.htb.
does any have any idea?
Does anyone know why when trying to get the GMSA Password with netexec,ldap,gMSADumper or similar does not work but with AD-bl00dy does?
I have the same issue, canāt seem to find a solution for itā¦ Restarted the box and my own system. No luck so far.
does anybody has same issue as me when running evil-winrm
malloc(): unaligned fastbin chunk detected
It was pretty annoying. What I did was using evil-winrm as less as possible for privesc an rely on Linux tools.