2 posts tagged with "Windows"

In this HTB challenge, I pwned a Windows machine which had a copy of the SYSVOL SMB share, where an encrypted password was stored in a GPP. This password could be decrypted, because Microsoft published its AES key. This challenge also included the interesting Kerberoast attack, which was new to me, and I found a lot of joy looking into it.

This was a no brainer challange, it demonstrated the infamous eternalblue vulnerability which was use by the WannaCry ransomware worm which almost put the world into shambles in 2017.