root:$6$YIFGN9YscCV72BjFtx/tehbc7sQTJp09c5.:18277:0:99999:7::: So use the highlighted part as the password. So password = YIFGN9YscCV72BjFtx/
For Windows
Use ntlm hash
Example Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c:::ย
password = 31d6cfe0d16ae931b73c59d7e0c
Old methods
For linux
1- cat /etc/shadow 2-copy whole hash(root) root:$6$YIFGN9YscCV72BjFtx/tehbc7sQTJp09c5.:18277:0:99999:7::: 3-Then find it's MD5 sum and that's your password for writeup
For windows
1-Find root hash with hashdump.exe or any other tool. 2-Then convert that also into MD5 sum 3-That's your password for the Writeup
Its an easy box from hack the box which is very easy and it is more of CVE type. Commands used nmap -sC -sV -O -v -oA initial 10.10.10.4 msfconsole use exploit/windows/smb/ms08_067_netapi show options Steps involved EnumerationFinding exploitUsing metasploit module to exploit it. Enumeration Nmap Scan Increasing send delay for 10.10.10.4 from 0 to 5…
It was a great machine from hackthebox.It had only two ports open.And after testing the website got an error and got a CVE related to it .Rest was easy .For privilege escalation linpeas was enough.
