The Red Failure machine on Hack The Box is a challenging machine that requires a combination of enumeration, exploitation, and privilege escalation skills. In this blog post, we walked through the steps to exploit the machine and gain elevated privileges. If you're interested in trying out the machine yourself, head over to Hack The Box and give it a shot!
scdbg (ShellCode DeBuGger) is highly recommended for this challenge. It allows you to emulate the shellcode and see the Windows API calls it makes, which often reveals the decrypted flag or the next stage of the attack.
To gain elevated privileges, we can use the winrm tool to access the machine using the Administrator's credentials.
Frequently used to re-execute malicious scripts at regular intervals.
smbclient //10.10.11.193/backup -U anonymous
Disclaimer: This content is for educational purposes only. Always practice ethical hacking within legal boundaries.
Once inside the share, we find a file called backup.zip. We can download the file and attempt to unzip it.
After cracking the passphrase, we can use the private key to authenticate via SSH. Once logged in, we find that we're still not able to access the Administrator's desktop.
We generate a reverse shell payload: