Using CrackMapExec - Skills Assessment

keep on going with enum for svc_inlaneadm. Just keep iterating over what you have learned in module

Finally done. I was enumerating only smb, thats was my mistake! Ty very much

1 Like

I am stuck with question 1. Where did you guys find a user name? What did I oversee???

does anyone can give a clue about 3 question
I found an intern user who can write in one of the shares
but when I try to use NTLMRelayx and drop-sc I just see that user named james trying to connect but doesn’t get the hash or the password

hey, can you explain how you gained the access to the DC
I found one more account n**k
and I stuck I found a vulnerability that I can use but the POC doesn’t work

can you help please

Try to use the credential gathering option with this new user creds

How did you found the n**k account? I am stuck with Jame’s credentials!

Check all options suggested during the module for enumerating with the SMB protocol without credentials!

1 Like

Got it! Thanks!

1 Like

How did you move forward when you got the creds for James? I can’t seem to be able figuring that out!

try looking for stuff using ldap options like “Options to play with Kerberos”

Thanks, I managed to find the solution after a while. I am now stuck on the last question having the creds for nick. Feel free to provide any nudge!

Did you try credential gathering options?

Every single one from the module, but this user is not an admin anywhere, so I did not expect to work!

Can someone give me a hint on the last question:
I have credentials the credentials of n…k, this supposed ccache file, where we found the user svc_inlaneadm.
I tried using the ccache file to create Kerberos loginwitj the export function, but it did not work. I tried ronuse the vulnerability módulos, but it did not successd exploiting neither potipotam nor dfscoerce.
Would that be the way?