Machine Synopsis
Analysis is a hard-difficulty Windows machine featuring various vulnerabilities focused on web applications, Active Directory (AD) privileges and process manipulation. Initially, an LDAP injection vulnerability provides us with credentials to authenticate to a protected web application. Through this application, access to the local system is obtained by gaining command execution through an HTA file upload. On the target system, credentials for another user are found in the web application's log files. Subsequently, an API hook implemented on `BCTextEncoder` is used to decrypt an encrypted password, which is then used to pivot to another user. Finally, by changing the password of an account that has `DCSync` rights against the domain, administrative access to the domain controller is obtained.
Machine Matrix