Certified
Certified
Certified 633
Certified
RETIRED MACHINE

Certified

Certified - Windows Windows
Certified - Medium Medium

4.8

MACHINE RATING

4113

USER OWNS

3855

SYSTEM OWNS

02/11/2024

RELEASED
Created by ruycr4ft

Machine Synopsis

`Certified` is a medium-difficulty Windows machine designed around an assumed breach scenario, where credentials for a low-privileged user are provided. To gain access to the `management_svc` account, ACLs (Access Control Lists) over privileged objects are enumerated leading us to discover that `judith.mader` which has the `write owner` ACL over `management` group, management group has `GenericWrite` over the `management_svc` account where we can finally authenticate to the target using `WinRM` obtaining the user flag. Exploitation of the Active Directory Certificate Service (ADCS) is required to get access to the `Administrator` account by abusing shadow credentials and `ESC9`.

Machine Matrix

Ready to start your
hacking journey?