https://bitfragment.com/tags/privilege-escalation/ Recent content in Privilege Escalation on BITFRAGMENT Hugo -- gohugo.io en-us <a href="https://creativecommons.org/licenses/by-nc/4.0/" target="_blank" rel="noopener">CC BY-NC 4.0</a> Mon, 26 Oct 2020 05:12:13 +0100 https://bitfragment.com/posts/tryhackme-throwback/ Mon, 26 Oct 2020 05:12:13 +0100 https://bitfragment.com/posts/tryhackme-throwback/ Introduction In this blog post, I am going to cover attacking a Windows infrastructure, from initial reconnaissance to domain dominance. Our target is Throwback Hacks Corporation - a company providing pentesting services who has hired us to perform a black-box pentest on their network. The Kill Chain The term kill chain was originally used as a military concept related to the structure of an attack; consisting of target identification, force dispatch to target, decision and order to attack the target, and finally the destruction of the target. https://bitfragment.com/posts/tryhackme-gaming-server-room/ Mon, 31 Aug 2020 21:22:13 +0100 https://bitfragment.com/posts/tryhackme-gaming-server-room/ Before we begin, you can access this room by creating an account with tryhackme.com and browsing to this link to join it, or by simply searching for &ldquo;GamingServer&rdquo; under the Hacktivities tab. Scanning &amp; Enumeration Running nmap # Nmap 7.80 scan initiated Mon Aug 31 09:48:52 2020 as: nmap -A -p- -vv -oA nmap/all 10.10.231.38 Nmap scan report for 10.10.231.38 Host is up, received syn-ack (0.087s latency). Scanned at 2020-08-31 09:48:53 BST for 64s Not shown: 65533 closed ports Reason: 65533 conn-refused PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 7. https://bitfragment.com/posts/tryhackme-kiba-room/ Mon, 31 Aug 2020 20:02:10 +0100 https://bitfragment.com/posts/tryhackme-kiba-room/ Before we begin, you can access this room by creating an account with tryhackme.com and browsing to this link to join it, or by simply searching for &ldquo;Kiba&rdquo; under the Hacktivities tab. Scanning &amp; Enumeration Running nmap # Nmap 7.80 scan initiated Sun Aug 30 11:10:00 2020 as: nmap -A -p- -vv -oA nmap/all 10.10.212.50 Nmap scan report for 10.10.212.50 Host is up, received syn-ack (0.084s latency). Scanned at 2020-08-30 11:10:01 BST for 77s Not shown: 65531 closed ports Reason: 65531 conn-refused PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 7.