Pentesting Windows Active Directory with BloodHound | HackTheBox Forest | CREST CRT Track
We covered HTB Forest as part of CREST CRT Track where we performed AS-REP ROASTING and DCsync on the machine running Windows server active directory. There was no online application to serve as an attack surface, it was a special box. We had to take advantage of a null session to obtain a user’s hash, which we then applied to the box to obtain a shell. We then use that shell to run Bloodhound to find a way to elevate our user account privileges, use that account to dump secrets, and finally log in to the box as the administrator using those secrets.