🕵🏽‍♂️ Pulling Off the Heist: A Methodical HTB Takedown To start, I launched Burp Suite Community Edition and navigated to the target IP address: 10.129.5.22. Upon visiting the site, I was …

InfoSecWriteUps' platform is  dedicated to providing insights and resources for cybersecurity professionals and enthusiasts. Through articles, tutorials, and security research, InfoSecWriteUps offers insights into cybersecurity vulnerabilities, attack techniques, and defense strategies. Readers can learn about penetration testing, threat intelligence, and incident response to enhance their cybersecurity knowledge and skills.

InfoSec Write-ups

A step-by-step walkthrough of the HackTheBox 'Heist' machine covering the full attack chain: web portal enumeration, Cisco router config analysis, MD5 hash cracking with hashcat, SMB credential validation using NetExec, RID brute forcing for user enumeration, WinRM access via Evil-WinRM, Firefox process memory dumping with ProcDump, targeted credential extraction from the dump, and final privilege escalation to Administrator via psexec.py over SMB.