Forum Discussion

Bronze I

10 days ago

PoshC2: Ep.6 – Demonstrate Your Skills

Hi everyone I am stuck on question 8: Run a privilege escalation enumeration module. What is the Administrator password? I already tried most of the privesc modules like invoke-allchecks, hashdump ...

offensive cyber

NyePrior
10 days ago
👋 sidi7

You've mentioned that you've already tried the Invoke-AllChecks module - I'd have another look at the output from that module, as one of the files it checks for (and finds) contains a plain-text password. You shouldn't need to do any hash-cracking or use any external tools to find the password!

steven

Bronze III

10 days ago

well, I have not found another way except cracking the hash externally of IL.
The plaintext password I've not found on the target system by using "Dir -Recurse | Select-String -pattern 'XXXXX'". Also the "priv escalation" part of the "help" command didn't brought anything nor the mimikatz stuff (also including debug-stuff).

Looking forward to learn how others point to the correct way :)

Forum Discussion

PoshC2: Ep.6 – Demonstrate Your Skills

Related Content

Zeek - Demonstrate Your Skills

Autopsy: Demonstrate Your Skills

IAM: Demonstrate Your Skills - Developer access (2/3)

PowerShell Basics: Demonstrate Your Skills question 11/12

APT29 Threat Hunting with Elasticsearch: Ep.11 – Demonstrate Your Skills

Recent Discussions

Threat Hunting Mining Behaviour - Question 1

Help needed for Threat Hunting: Mining Behaviour

Halloween 2020: Ep.1 – Death by Ink

The Haunted Hollow: The Cursed Crypt

S3: Access Policies (Q5)