We covered a machine with a printer exposed to the public via port 80. The printer contained a form that sends an LDAP request internally. We were able to hijack the LDAP packets and redirect it to our machine where we intercepted a pair of credentials which landed us a shell on the machine. Privilege escalation was accomplished on the windows active directory machine through the server operators group and by exploiting an existing service and changing its binary path to an executable we control. This was part of intro to printer exploitation HackTheBox Return.

Get OSCP Certificate Notes

Video Walkthrough

About the Author

Cybersecurity Trainer MS in Cybersecurity Expertise in Healthcare and Finance Industries Penetration tester and compliance auditor

View Articles