Hack the Box : Zephyr

by Vince

Hack the Box "Zephyr is an intermediate-level red team simulation environment, designed to be attacked as a means of learning and honing your engagement skills and improving your active directory enumeration and exploitation skills. Zephyr includes a wide range of essential Active Directory flaws and misconfigurations to allow players to get a foothold in corporate environments."

This was a really interesting pro lab because I thought it was going to be easy and yet, there were times when I wasn't even familiar with an attack. There were a couple of routes when I thought, "I have no idea as to what I'm doing," and then I would read, get a nudge from a fellow player, and repeatedly try and fail. From a learning standpoint, it was awesome. This lab taught me more than any other, caused me to write new tools and techniques, and really enhanced my knowledge of BloodHound.

That's the good.  And now for the bad-ish.  Hack the Box is a shared environment so expect systems and services to get broken.  Or for people to change passwords.  I think the key takeaway here is that if you think something should work and it doesn't, it might not be you and it could be time for a break or a reset.  Or if you moved forward but are unable to take the same route the next day, it might be that someone removed some controls that you benefited from unknowingly.  Honestly, the real world changes and that means you just have to adapt.  

Some thoughts on pivoting. I learned that Ligolo-ng is the latest shiny tool, but I used MSF, SOCKS, and sshuttle. I think I used Chisel one time and the entire lab can be done without Ligolo. Not that I didn't want to try it, but my attacking box isn't Kali and for some reason, I couldn't get Ligolo to work correctly.

Final thought -- BloodHound is your friend. If you take a new position, run an ingestor. Mark everything you own as owned and look at the different angles between users, groups, systems, and domains.

Fun lab -- HTB does not disappoint!