Using CrackMapExec - Skills Assessment

I didn’t see another thread on this module so I started this one.

I’m currently on the skills assessment.

I curated a username list of 931 users using --rid-brute.

So far, password spraying has been unfruitful.

Has anybody finish this module? If so, I could use a little help.


asreproast to the rescue! First flag done!




I just finished the module. Reach out if you get stuck. It’s a tough one!


OSError: [Errno Connection error (INLANEFREIGHT.LOCAL:88)] [Errno 111] Connection refused

1 Like

make sure you use --kdcHost

Usually, when I get that error, it is an /etc/hosts issue.

I would add DC01 to the domain controller line.


It was!

1 Like

Any hints with the MSSQL Server? I was able to gain five users with password or hash so far, but not able to retrieve the flag.

Do i need a user and password combination or should I use the path which exploits a vulnerability?

1 Like

I am pretty busy, but I made notes for this module.

If you can send me an email address I can share my notes with you.

The notes are on my Google drive, so gmail is preferred.

Any email will work though.


I am stuck on question 2 of the Vulnerability Scan Modules section; I have checked for and tried to exploit multiple vulnerabilities but the only one I have successfully exploited was the zerologon exploit which does not allow me to read the c drive. can you point me in the right direction.

1 Like


I have notes for every module on my Google Drive.

Send my your email (gmail preferred) and I’ll share my notes to you.


Hi, I’m having issues connecting to the target. Nothing is connecting back to my chisel client even though the target is responding to ping. Am I doing something wrong?

I’ve tried for like 3 days now to get a connection, nothing is happening.