ARZ101Vulnlab — SendaiSendai involved enumerating usernames through smb shares having password expired, resetting their password, belonging to Support group they…6 min read·2 days ago----
ARZ101Vulnlab — VigilantVigilant a hard rated chained machine involved enumerating smb shares to find an encrytped pdf file, analyzing the ADAudit dll file to…11 min read·Apr 30, 2024----
ARZ101Vulnlab — KaijuKaiju is a hard rated AD chain, involved enumerating FTP server with default credentials to find filezilla configuration file having the…10 min read·Mar 31, 2024----
ARZ101HackTheBox — ReboundRebound involved performing as-rep roasting by bruteforcing domain users SIDs, then kerberoasting ldap_monitor account with…10 min read·Mar 29, 2024----
ARZ101Vulnlab — SidecarSidecar, a similar AD chained like intercept, involved getting a shell through a lnk file, relaying authentication from WS01 by enabling…9 min read·Mar 2, 2024----
ARZ101Vulnlab — EscapeEscape, an easy rated machine involved having windows running kiosk mode with only RDP service running, bypassing kiosk by using microsoft…5 min read·Feb 24, 2024----
ARZ101Vulnlab — TeaTea, a medium rated AD chain machine, involved having an instance of gitea running which had an active runner, being able to register a…5 min read·Feb 23, 2024----
ARZ101Vulnlab — BrunoBruno involved enumerating ftp shares to find a SampleScanner binary along with a user account which lead to AS-REP roasting, analyzing…7 min read·Dec 14, 2023----
ARZ101HackTheBox — AuthorityAuthority involved enumerating smb shares to find ansible vault credentials which on cracking gave access to an open source Password Self…6 min read·Dec 9, 2023----
ARZ101Vulnlab — DelegateDelegate is a medium rated machine which consisted of enumerating smb shares to find credentials of a user which had GenericWrite over a…5 min read·Oct 29, 2023----