Struggling with 'CVE-2025-33073 (SMB Elevation of Privilege): Offensive' lab

Question

Hello Immersive community!I'm trying to complete this lab and was able to run the CVE exploit and dump hashes but I'm struggling to answer the final question: 'What are the last five characters of the Administrator password?'I figure this indicates the need to crack the hash, but running the hash against rockyou wordlist didn't reveal any successful guesses. Conversely, the 'In this lab' section of the briefing indicates 'Then, take advantage of this flaw by performing the exploitation using the Python tools discussed throughout the lab to obtain the token from the compromised victim's desktop.' which suggests a flag in a file on victim desktop however none is found.Any help, tips, or nudges on this would be appreciated!

benmccarthy · Answer

Hi Mango,
Thank you for your message, I have edited the lab to make the question clearer.
You are actually at the end of the lab! You just need to input the five hexadecimal characters of the second hash associated with the Administrator account :).
I have also edited this lab section to follow on with the lab more clearly.&nbsp;
I hope this helps, and thank you for doing this lab!&nbsp;
&nbsp;

Forum Discussion

Struggling with 'CVE-2025-33073 (SMB Elevation of Privilege): Offensive' lab

1 Reply

Featured Places

Help & Support Forum

Related Content

New CTI Lab: CVE-2025-33073 (SMB Elevation of Privilege): Defensive

Privilege Escalation: Linux – Demonstrate Your Skills

Privilege Escalation: Windows – Automated Enumeration

Privilege Escalation: Windows – Weak Service Permissions

New CTI Lab: CVE-2024-30051 (Windows DWM Core Library Elevation of Privilege) – Defensive

Recent Discussions

Web App Hacking (Lab series): CVE-2022-42889 (Text4Shell) – Offensive

Custom Lab creation AWS EC2 image issue

ICS Malware: Triton - unpack trilog.exe

Fundamental AI Algorithms: Decision Trees Script Detection Question 6

Hijacking Public EBS Snapshots