Windows

Introduction 🖥️ Visual is a 2019 Windows Server, vulnerable to remote code execution through a misconfigured VS compilation service. After gaining initial access, users are able to pivot to the service account of the locally running web server. Once full privileges have been restored to the service account, users are able to perform a token impersonation attack via the EFS Potato exploit. Source: HackTheBox Scanning/Enum 🔍 Starting off we begin with a port scan. This scan is quick but it makes quite a bit of noise so do keep that in mind. ...