One of VBScripts boxes on windows focuses heavily on reversing applications to crack credentials. Run Nmap Only 445 is open? Lets run again with the -p- flag to confirm, feeling like another evil-winrm box. Foothold Enumeration Running a quick nmap scan for vulnerabilities doesn’t give us anything. We get the hostname. Enum4Linux doesn’t get us … Continue reading Nest