Hi, half year ago I finished Module “Windows Privilege Escalation”. Now this module is updated with the section “Citrix Breakout”. Very interesting lesson and well explained how to achieve window privilege escalation in a restricted environment. However, to answer the questions you have to RDP and results in a linux os machine (Ubuntu). Admittedly in a “windows-like” environment (Xfce4 installed). So it is reachable by RDP, but still remains linux. I tried everything but can’t get the windows powershell etc.
1 Like
facing same issue
have you solved?
Nop
I got it,
After you loggedin via rdp
in the rdp machine, open browser and visit On the Internet: Be Cautious When Connected — FBI
then use the following credential
Username: pmorgan
Password: Summer1Summer!
Domain: htb.local
1 Like
Thanks. Actually it was written in the lesson. I tried the link earlier in my own browser and that yielded the FBI website (redirecting to https site). In the RDP environment it worked as was told in the text…
Thanks again!!!
1 Like
Can’t run any .ps1 files on target system. I have got the pmorgan flag.txt but can’t escalate privileges. Help would be great 
1 Like
Setting the execution policy to ‘Bypass’ at the process level is a decision that should be made with caution, as it allows the execution of scripts without restrictions with ‘Set-ExecutionPolicy Bypass -Scope Process’.
1 Like
Hi were you able to resolve it?
Yes, we need to ‘Set-ExecutionPolicy Bypass -Scope Process’ before trying to run any .ps1.
1 Like