Mounting VHD Files and Windows Privilege Escalation | HackTheBox Bastion | CREST CRT Track

HackTheBox Bastion was a reliable easy-to-use box that presented just a few minor difficulties, such as mounting a VHD from a file sharing and regaining access to a password vault program. It begins, somewhat strangely, without a website and instead uses vhd images stored on an SMB share. Once mounted, these images give access to the registry hive needed to get credentials. These credentials enable the user to ssh into the host. We’ll exploit the mRemoteNG installation to pull the profile data and encrypted data, then demonstrate multiple techniques to decrypt those in order to gain administrator access. We can ssh in as administrator after We figure out the administrator password.

Get OSCP Certificate Notes

Video Walkthrough

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles