On the Skill assessment I have completed the attack and everything seemed to work but on PK1 I cant not pull any logs with the given event IDs. Anyone that can help?
You can connect like that. Then you use command to filter log.
$events = Get-WinEvent -FilterHashtable @{LogName=‘Security’; ID=4886}
foreach ($event in $events) {
Write-Host “Event ID: $($event.Id)”
Write-Host “Published Time: $($event.TimeCreated)”
Write-Host “Source: $($event.ProviderName)”
Write-Host “Log Name: $($event.LogName)”
Write-Host "Event XML:"
$event.ToXml()
Write-Host "----------------------------------------"
}
You can use command. After that, Please find the latest or similar event and then find result EAGLE.…
Now PKI dosen’t boot up, based on 4 out of 4 attempts…
the cheat sheet gives this command to connect to the PK1 from kali:
evil-winrm -i 172.16.18.15 -u htb-student -p ‘HTB_@cademy_stdnt!’
then you can use a powershell command to search by the event IDs
did u manage to solve this, im having the same issue