HackTheBox – RE

Download now

[ Direct download link (Windows) ]

We Are pleased to announce our new tool, HackTheBox – RE has been added to our website. This tool has been well tested for extended period of time and has been 100% successful with all integrated features.

For copyright reasons program features won’t be described in this page publicly, to see all instructions and feature list, please download and open .exe file and extract notes.txt file, there is everything that you need for HackTheBox – RE use.

All our tools has built in Proxy and VPN support for your anonymity. You can add your own proxy or use our fault built in VPN.

Of course HackTheBox – RE supports Windows and MAC Os Platforms. And some of the latest mobile platforms.

For questions, support or error report please contact us.

--- --- --- --- ---

00:30 – Begin of Recon
01:55 – Creating an entry in /etc/hosts for reblog.htb (found on webpage)
04:00 – Reading each blog post and taking notes
07:50 – Poking at SMB to see MALWARE_DROPBOX
08:30 – Digging into why SMBMAP says READ_ONLY. Don’t get anywhere but its an impacket thing?
12:45 – Installing LibreOffice, then creating a macro to ping us
16:45 – Obfuscating the macro by placing it over multiple lines (do LOLBINS at end of video)
18:00 – Converting our obfuscated macro to a powershell cradle/one lienr (iconv to make it UTF-16LE)
22:20 – Reverse Shell returned as LUKE, showing a way to get a logged in users hash and attempting to crack
26:25 – Running WinPEAS.bat (will do EXE at the end of the video)
35:45 – Going over the process_sample.ps1 script to discover a potential WinRAR Vulnerability
38:09 – Using evilWinRAR to generate a ZipSlip like file, forget a trailing slash and do quite a bit of troubleshooting
49:00 – Switching up the ASPX Shell by using one from the TennC Repository
52:35 – Reverse shell as the IIS User
53:30 – Doing a Ghidra XXE Vulnerability to steal the users hash
57:00 – Copying the XXE Vulnerability in POC
01:04:45 – Lol. Found what out i was zipping the file incorrectly
01:07:30 – Cracking the new hash we just got
01:09:20 – Using Powershell to Invoke-Command with a different user
01:12:55 – Begin of unattended route (Changing macro to be RevSvr32 with an SCT File instead of CMD /c)
01:21:20 – Downloading SharpUp and WinPEAS to compile executables
01:27:30 – Using rlwrap for our reverse shell so we have a semi-proper TTY on Windows
01:28:45 – Running PowerUp to identify the bad service and playing with a few commands to show what is happening
01:33:10 – Running WinPEASEXE to show the output
01:35:30 – Enabling RDP so we can see the error message SharpUp threw
01:37:50 – Changing DotNet version in the project properties to get SharpUp working on the box

HackTheBox – RE
How to install:
– Download, extract and run .exe file,
(If your antivirus blocking file, pause it or disable it for some time.)
– Choose destination folder

How to Use:
Open destination folder and locate file notes.txt, open it and read step by step.
Enjoy!

Don’t forget to read instructions after installation.
Enjoy HackTheBox – RE.

All files are uploaded by users like you, we can’t guarantee that HackTheBox – RE are up to date.
We are not responsible for any illegal actions you do with theses files. Download and use HackTheBox – RE on your own responsibility.