HackTheBox - Return Writeup
Return is an easy Windows machine on Hack The Box that involves exploiting a network printer admin panel to extract LDAP credentials via a malicious LDAP server. These credentials are then used to gain access through WinRM. Privilege escalation is achieved by abusing group membership, leading to full system compromise.
server-operators-group printer sc.exe evil-winrm