Intelligence
Intelligence
Intelligence 357
Intelligence
RETIRED MACHINE

Intelligence

Intelligence - Windows Windows
Intelligence - Medium Medium

4.6

MACHINE RATING

7049

USER OWNS

5176

SYSTEM OWNS

03/07/2021

RELEASED
Created by Micah

Machine Synopsis

Intelligence is a medium difficulty Windows machine that showcases a number of common attacks in an Active Directory environment. After retrieving internal PDF documents stored on the web server (by brute-forcing a common naming scheme) and inspecting their contents and metadata, which reveal a default password and a list of potential AD users, password spraying leads to the discovery of a valid user account, granting initial foothold on the system. A scheduled PowerShell script that sends authenticated requests to web servers based on their hostname is discovered; by adding a custom DNS record, it is possible to force a request that can be intercepted to capture the hash of a second user, which is easily crackable. This user is allowed to read the password of a group managed service account, which in turn has constrained delegation access to the domain controller, resulting in a shell with administrative privileges.

Machine Matrix

Ready to start your
hacking journey?