-
Deploy the Windows VM and login using the "user" account.
no answer needed -
Generate a reverse shell executable and transfer it to the Windows VM. Check that it works!
no answer needed -
What is the original
BINARY_PATH_NAMEof the daclsvc service?C:\Program Files\DACL Service\***********.exe
-
What is the
BINARY_PATH_NAMEof the unquoted service?C:\Program Files\Unquoted Path Service\Common Files\*****************e.exe
-
Read and follow along with the above.
no answer needed -
Read and follow along with the above.
no answer needed -
Read and follow along with the above.
no answer needed -
Read and follow along with the above.
no answer needed -
What was the admin password you found in the registry?
*********123
-
Read and follow along with the above.
no answer needed -
What is the NTLM hash of the admin user?
********************************
-
Read and follow along with the above.
no answer needed -
Read and follow along with the above.
no answer needed -
Read and follow along with the above.
no answer needed -
Read and follow along with the above.
no answer needed -
Name one user privilege that allows this exploit to work.
Se*******************vege
-
Name the other user privilege that allows this exploit to work.
Se******************************vege
-
Read and follow along with the above.
no answer needed -
Experiment with all four tools, running them with different options. Do all of them identify the techniques used in this room?
no answer needed