I believe the second flag you get once you are able to dcsync
Does anyone know how to force change the password of bl**e, it says that a workstation is able to force change but I had no luck, The i think its possible to do it with gui but none of the ips have rdp open, and using powerview is not possible since i used james hash to login to 110.53
how did you access zsm.local i compromised the DC of painters.htb but i dont see another network. ip config doesnt show anything
i have a problem in initial access i know the idea but doesnât work, anyone have idea why
Need help with getting service ticket for Administrator with B***e .
I got tickets and can even initiate the process. But it is not executed on behalf of DC .55, but from the machine on which I am doing itâŚ
UPD: Nwm, Got it.
I am stuck on the initial foothold, if someone could PM me for a hint on how to proceed it would be greatly appreciated. Iâm pretty sure I know the route to take but lost on how to execute.
Would appreciate a hint on the initial foothold. Have a feeling it relates to the âApply now!â section but havenât been able to get anything back to my machine.
I also need help with the initial foothold. If anyone would be so kind as to DM me with some hints, that would be greatly appreciated. Thanks!
Looks like allot of people are stuck on the initial foot hold. I am stuck at this point as well, have found the file upload and can bypass it but cant find its location in the web app. Can see it sends a POST to a certain page to upload the file but cant find it in that location after the POST request.
Any help would be much appreciated.
How can i get foothold on this zephyr lab.
Did you get it? I need help. I am stuck there
As local admin you can use mimikatz to dump the hashes of the machine account. With that you can perform the change from linux via (for example) bloodyad or pth-net. Mimikatz setntlm might also work.