Possibly Related Threads…

Sqweez · (This post was last modified: Jun 22, 2024, 07:03 PM by Sqweez.)

Lets go pwn together Smile

GL for all
https://app.hackthebox.com/machines/611

a44857437 · (This post was last modified: Jun 22, 2024, 07:44 PM by a44857437.)

It's a Windows machine with SMTP... bit weird (has SAML authentication)

not much on the HTTP yet..

eunaosei · Jun 22, 2024, 07:44 PM

Our website is currently down for maintenance.

We apologise for the inconvenience and appreciate your patience as we work to improve our online presence.

If you have any outstanding invoices or requests, please email them to accounts@axlle.htb in Excel format. Please note that all macros are disabled due to our security posture.

We will be back as soon as possible. Thank you for your understanding.

prob phishing

a44857437 · (This post was last modified: Jun 22, 2024, 08:18 PM by a44857437.)

(Jun 22, 2024, 07:44 PM)eunaosei Wrote:
Our website is currently down for maintenance. We apologise for the inconvenience and appreciate your patience as we work to improve our online presence. If you have any outstanding invoices or requests, please email them to accounts@axlle.htb in Excel format. Please note that all macros are disabled due to our security posture. We will be back as soon as possible. Thank you for your understanding.

prob phishing

Probably, to the accounts account

eunaosei · Jun 22, 2024, 07:46 PM

(Jun 22, 2024, 07:45 PM)a44857437 Wrote:
(Jun 22, 2024, 07:44 PM)eunaosei Wrote:
Our website is currently down for maintenance. We apologise for the inconvenience and appreciate your patience as we work to improve our online presence. If you have any outstanding invoices or requests, please email them to accounts@axlle.htb in Excel format. Please note that all macros are disabled due to our security posture. We will be back as soon as possible. Thank you for your understanding.

prob phishing

Probably, to the account account

yeah lmao

so far i've tried to use metasploit exploit/windows/fileformat/office_excel_slk since macros are disabled, but no luck yet

SomeBody1338 · Jun 22, 2024, 08:22 PM

Probably XLL phish (also matching with a box name)

a44857437 · Jun 22, 2024, 08:30 PM

(Jun 22, 2024, 08:22 PM)SomeBody1338 Wrote: Probably XLL phish (also matching with a box name)

ah... making an XLL, meh

Sqweez · Jun 22, 2024, 09:00 PM

(Jun 22, 2024, 08:22 PM)SomeBody1338 Wrote: Probably XLL phish (also matching with a box name)

Can you please tell me how to send the generated xll file?

imassxck · Jun 22, 2024, 09:10 PM

i maked XLL with
https://github.com/zimnyaa/xyrella
and
swaks --to accounts@axlle.htb --from test@test.com --header "Subject: test" --body "test" --attach @addin.xll
is not worked ...

asdasas2132122 · Jun 22, 2024, 09:59 PM

How did they create the .xll file?

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	[MEGALEAK] HackTheBox ProLabs, Fortress, Endgame - Alchemy, 250 Flags, leak htb-bot	htb-bot	87	7,975	1 hour ago Last Post: char0n1507
	[FREE] HackTheBox All Cheatsheets	Tamarisk	9	564	1 hour ago Last Post: char0n1507
	CBBH Write Ups	hiddenhacker	23	6,343	2 hours ago Last Post: somecrazykid
	[FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags	Techtom	26	2,798	3 hours ago Last Post: Neuromanc3r
	[FREE] CPTS 12 FLAGS	pulsebreaker	72	2,219	4 hours ago Last Post: coolguyaroundyou