[Day 24] Post Exploitation Learning From The Grinch | Advent of Cyber 3 (2021)

Today is the last day of Advent of Cyber 3.
Actually, there is 25th day in AoC 3, but as you can see in this picture below.

So, It means for the challenge just in 24 days.

And In the last day, we will be learning about Post Exploitation.
The post-exploitation stage usually occurs after an attacker has gained unauthorized access to a system. They do a privilege escalation or just maintain the access.

let’s do the Post Excalation..

# What is the username of the other user on the system?

emily

Just running mimikatz in the victim enviroment. Mimikatz is an automation program for enumeration. so, thanks to Benjamin & Vincent.

Scroll down a little bit, and found the Username.

# What is the NTLM hash of this user?

8af326aa4850225b75c592d4ce19ccf5

# What is the password for this user?

1234567890

From the NTLM hash, I try to crack the hash with JohnRipper.
If you interested in JohnRipper, TryHackMe have some room about it and you can try.

Conclusion

So, that is the sort challenge from last one. Actually, post exploitation has more ways and it’s worth it for learns and practice. Because, penetration testing is not just exploiting, but you must do post exploitation.
Thanks.