HackTheBox - Driver

00:00 - Intro 01:05 - Start of nmap 1:55 - Quickly testing SMB, then using CME to get a hostname of the box 3:30 - Testing out the website, discovering admin:admin logs us in. Running gobuster with HTTP Auth 04:55 - The website allows us to write to a file share. Going over SCF Files and how we can use them to steal NTLMv2 Hashes by having an external icon 07:30 - Using hashcat to crack the NTLMv2 Hash 08:45 - Using CME with these credentials to discover we can WinRM to the box 11:30 - Downloading WinPEAS and using our Evil-WinRM shell to execute it 14:40 - Going over the WinPEAS Output and discovering a Ricoh printer driver 21:50 - Going over the Ricoh printer driver exploit 23:10 - Switching to Metasploit, showing an issue with the WinRM Module in MSF 26:25 - Using MSFVenom to create an executable then having WinRM send us the meterpreter shell 29:30 - Having trouble getting the exploit to run... Switching to a 32 bit payload... then migrating to a interactive process