Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 53, 88, 135, 139, 389, 445, 464, 593, 636, 3268, 3269, 5986, 9389, 49667, 49673, 49674, 49698, and 54476 open. From SMB, we find a password-protected WinRM backup archive. After […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 80, 135, 445, and 5985 open. Going to the webserver, we are able to authenticate with default credentials, which gives us access to MFP Firmware Update Center. We are able […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating all ports. The ports returned are consistent with an Active Directory server, so we are likely dealing with an active directory domain. From the webserver on port 80, we find a downloadable file that appears to be […]