Introduction Monteverde is a medium ranked machine that starts off with enumerating users, then finding password to another user on an SMB share. This new user is part of Azure Admins group and du...

Introduction Forest is an easy active directory based machine that involves ASREPRoasting to a get a hash which we can crack to get our first set of credentials. After gaining some initial credent...

Background So around 4 years ago, I stumbled across a video from Hak5 that mentioned that someone had jailbroken a cpap machine in order to turn it into a ventilator for COVID-19 patients. Natural...

Introduction This was a very fun box that showcased some realistic Active Directory attacks. The box starts off with me finding a public share in which I find a set of default credentials for MSSQ...

Introdution Mantis was an interesting box with a somewhat realistic chain of attack, it started off with two webservers both IIS one had Orchard CMS the other had a secret directory which containe...

Introduction Intelligence was an medium-level box that showcased realistic AD-attacks. Initially we find a web-server with two pdfs in the format of 2020-Month-Day so we create a bruteforce scrip...