Lets start with nmap scan nmap a 53/tcp open domain syn-ack ttl 127 Simple DNS Plus 80/tcp open http syn-ack ttl 127 Microsoft IIS httpd 10.0 |_http-server-header: Microsoft-...

Entry Nowadays HackTheBox release machine with credentials but this machine not so we have exract some more information before doing that so before done it i wanna run nmap scan before start. nma...

Entry Lets start with netexec and create our /etc/hosts file ➜ authority nxc smb 10.10.11.222 SMB 10.10.11.222 445 AUTHORITY [*] Windows 10 / Server 2019 Build 17763 x64 (na...

Entry Lets start with netexec and create a /etc/hosts file and start nmap scan directly. ➜ Intelligence nxc smb 10.10.10.248 SMB 10.10.10.248 445 DC [*] Windows 10 / ...

Entry Lets start with nxc and create our /etc/hosts file first. ➜ manager nxc smb 10.10.11.236 SMB 10.10.11.236 445 DC01 [*] Windows 10 / Server 2019 Build 17763 x64 (n...

Entry Lets start with netexec ➜ freelancer nxc smb 10.10.11.5 SMB 10.10.11.5 445 DC [*] Windows 10 / Server 2019 Build 17763 x64 (name:DC) (domain:freelancer.htb) (...

Entry Since its Windows boxes i will create my etc/hosts file first with nxc ➜ hospital nxc smb 10.10.11.241 SMB 10.10.11.241 445 DC [*] Windows 10 / Server 2019 Buil...

Entry As its Windows AD machine we can start with nxc we got nothing special yet. At least we learnt DC name is DC01 and domain name is haze.htb. Now we can also generate /etc/hosts file with ...

Entry Create host file nxc smb 10.10.71.143 --generate-hosts-file writable share ➜ breach nxc smb 10.10.71.143 -u 'Guest' -p '' --shares SMB 10.1...

Entry This is another real life Windows pentest from HTB. so we wil start with creds which is rose / KxEPkKe6R8su Lets start with domain name with nxc and nmap ➜ escapetwo nxc smb 10.10.11....