https://hussienmisbah.github.io/tags/scf-attacks/ Recent content in Scf Attacks on 0xMesbaha Hugo en Fri, 25 Feb 2022 00:45:08 +0200 https://hussienmisbah.github.io/posts/windows-machines/2022-02-25-driver/ Fri, 25 Feb 2022 00:45:08 +0200 https://hussienmisbah.github.io/posts/windows-machines/2022-02-25-driver/ <p>In this Box, we are going to abuse the ability of uploading the firmware of a shared printer and capture the NTLMv2 hash of a user on this machine. By cracking the hash there is nothing that can stop us from logging in except the smb shares aren&rsquo;t accessible so we will use evil-winrm to get the initial access, for the Administrator part we will make use of the vulnerable service &ldquo;spooler&rdquo; and add a user in the administrator group.</p>