HackTheBox - Manager Writeup
Manager is a medium-difficulty Hack The Box Windows machine set in an Active Directory environment with AD CS, a web server, and MSSQL. Initial access is gained via RID cycling and password spraying, followed by exploiting xp_dirtree to discover a web backup containing reused credentials. These are used for WinRM access, and privilege escalation is achieved via AD CS ESC7.
February 9, 2025 | 1 min read
Tags: ldap, ldaps, ldap-secure, ldapsearch, kerberos, kerbrute, kerbrute-userenum, mssql, crackmapexec-mssql, impacket-mssqlclient, xp_dirtree, xp_dirtree-traverse, responder.py, steal-NTLMv2, NTLMv2, evil-winrm, adcs-esc7, certify, certipy-ad, manageCA, rubeus, psexec.py, psexec-hash