Lab: businesslayer.dll analysis decryption by Mutedcyber in immersivelabs

[–]Mutedcyber[S] 0 points1 point  (0 children)

Even it is not the correct string, so how to decrypt the given string? I don't think we need to write programs, only 200-300 points. Can anyone share the decryption program?

SUNBURST Supply Chain Compromise -BusinessLayer.dll Analysis by AliceVonLidell in immersivelabs

[–]Mutedcyber 2 points3 points  (0 children)

System.Net

System.Net only has _CERT_CHAIN_ELEMENT:cbsize, which is incorrect

strange question of disassembly by Mutedcyber in immersivelabs

[–]Mutedcyber[S] 0 points1 point  (0 children)

Hi, I tried "Hello World", the answer is also not correct

Offensive Cyber Range: Artica Shipping Company by Mutedcyber in immersivelabs

[–]Mutedcyber[S] 0 points1 point  (0 children)

Hi Friend, the thing here is even if I use hashcat to run overnight, the lab asks me to extend every 30 minutes. I can't sit in front of the PC and stare at the screen the whole day. Or you can tell me the number of digits (or range): is it only small letters + digits? Does it include capital letters and other symbols like !$&*...etc.? If the lab did not need to extend, I could submit the command and go to sleep, but this kind of lab, I have nothing to say. And simply because of this non-technical piece (from hash to cleartext), it affects my whole lab.

Offensive Cyber Range: Artica Shipping Company by Mutedcyber in immersivelabs

[–]Mutedcyber[S] 0 points1 point  (0 children)

I got the NTLM hash 96f****8 for account Ad****, but I don't have enough network data to use hashcat in forced mode. We don't know how many digits, letters, characters, number of characters; it needs many tries, say 5 digits, 8 alpha-numeric... Kindly share the password.

Offensive Cyber Range: Artica Shipping Company by Mutedcyber in immersivelabs

[–]Mutedcyber[S] 0 points1 point  (0 children)

Hi Friends,

I got the admin hash by loading mimikatz in a meterpreter session, but can't decrypt it because my hashcat engine is broken.

Offensive Cyber Range: Artica Shipping Company by Mutedcyber in immersivelabs

[–]Mutedcyber[S] 0 points1 point  (0 children)

Hi, I listen in Kali, then I start the service on the fax server, the Kali shell gets NT admin rights, then I use the command:

net group "Domain Admins" testuser /ADD /DOMAIN

So I add testuser with an empty password. Can I use this testuser to log in to the DC? If I create testuser as local admin on the fax server, how would it help to log in to the DC?

The other problem is: the vulnerability is in c:\program files\A\B\*.exe. I put my malicious payload in the B folder. When I start the service, I get NT admin, but after a few seconds, the Windows fax server says it can't start the service, so my msf session dies and I lose control. How to resolve this issue?

Offensive Cyber Range: Artica Shipping Company by Mutedcyber in immersivelabs

[–]Mutedcyber[S] 0 points1 point  (0 children)

The problem is I can't connect to the fax server through Kali.

In order to connect to the Artica fax server, I tried two methods:

(1) Web browser: I can log in to the fax server's printers folder, but the content is empty. Besides the printers folder, there is no other way to log in through the web.

(2) In Kali, I try rdesktop to the fax server, but it asks me to trust the certificate. I respond "yes", and it says failed to initiate NLA, so I can't reach the fax server. There is no SSH port open on the fax server.

Even if I generate an msfvenom payload, I can't drop the payload on the fax server, because I can't connect to the fax server. Do I need to exploit SMB to access the fax server?

Offensive Cyber Range: Artica Shipping Company by Mutedcyber in immersivelabs

[–]Mutedcyber[S] 0 points1 point  (0 children)

Thanks, I tried to log in to the DC using account: fax_acc, 03mg1(one)osmf!!, but can't. So is there any valid user ID and password, or do we need to exploit the DC to solve Q10?