WINDOWS PRIVILEGE ESCALATION [Interacting with Users]

Can someone please help me with “Using the techniques in this section obtain the cleartext credentials for the SCCM_SVC user.”?

1 Like

Sure! did you solve it finally?

Can you help me? I’m stuck here, too

You can DM me.

1 Like

solved. Thanks anyway :beers:

1 Like

To anyone stuck on this, I will give you a clue. Malicious SCF File.

If you need help, send me a message.

3 Likes

I need for help
I use the latest Responder to get sccm_svc hash
but Its cracked-password is wrong

C:\Department Shares\ is you folder, find writable sub-folder and copy SCF there
When you get the responce, copy the whole hash nat crack it like in the lesson :space_invader:

2 Likes

I am also stuck bro can you help on this!!!

Hey! Where you are stuck?

Hey @19delta4u how can I get in contact with you?, I’m completely stuck.

Hey @pavka I can’t find any writable sub-folder, I mapped both Public & Private and all the sub-folders are read only, I mapped with smbmap app + -r flag, can you lemme know how can we get in contact and give a hint?

Write in a subfolder of C:\Department Shares\Public