Mounting VHD Files and Windows Privilege Escalation | HackTheBox Bastion | CREST CRT Track

HackTheBox Bastion was a reliable easy-to-use box that presented just a few minor difficulties, such as mounting a VHD from a file sharing and regaining access to a password vault program. It begins, somewhat strangely, without a website and instead uses vhd images stored on an SMB share. Once mounted, these images give access to the registry hive needed to get credentials. These credentials enable the user to ssh into the host. We’ll exploit the mRemoteNG installation to pull the profile data and encrypted data, then demonstrate multiple techniques to decrypt those in order to gain administrator access. We can ssh in as administrator after We figure out the administrator password.

Get OSCP Certificate Notes

Video Walkthrough

, , ,
Show Comments

Motasem

About the Author

Cybersecurity Trainer MS in Cybersecurity Expertise in Healthcare and Finance Industries Penetration tester and compliance auditor

View Articles