Windows: Pass The Hash: Metasploit

overview

A Kali GUI machine and a target machine running a vulnerable SMB server are provided to you. The IP address of the target machine is provided in a text file named target placed on the Desktop of the Kali machine (/root/Desktop/target).

Your task is to fingerprint the application using the tools available on the Kali machine and then exploit the vulnerability using the appropriate Metasploit module.

The following NTLM hash may be used to access the service:

| Administrator User NTLM Hash | | 5c4d59391f656d5958dab124ffeabc20 |

Objective: Exploit the application and retrieve the flag!

Instructions:

Your Kali machine has an interface with IP address 10.10.X.Y. Run “ip addr” to know the values of X and Y.
The IP address of the target machine is mentioned in the file “/root/Desktop/target”
Do not attack the gateway located at IP address 192.V.W.1 and 10.10.X.1

solutions

The solution for this lab can be found in the following manual: https://assets.ine.com/labs/ad-manuals/walkthrough-2378.pdf

PreviousWinRM: Evil-WinRM Invoke-PS-Script NextWindows: Pass The Hash - WMIExec

Last updated 10 months ago