smb

  • 31st December 2025

Cicada writeup

writeupshack-the-boxwindowsactive-directorysmbpassword-spraysebackupprivilege

Cicada is a Windows Active Directory box that involves SMB share enumeration, password spraying, and exploitation of SeBackupPrivilege. We will discover default credentials in an HR notice, perform RID brute‑forcing to enumerate users, spray passwords to gain initial access, then leverage backup operator privileges to dump and crack password hashes for domain administrator access.

Read more 
  • 16th December 2025

Fluffy writeup

writeupshack-the-boxwindowsactive-directorysmbresponderhash-crackingcve

Fluffy is a Windows Active Directory box that focuses on SMB share enumeration and NTLM hash capture. We will exploit CVE‑2025‑24071 via Responder, crack the obtained hash, then leverage shadow credentials and the ESC16 vulnerability to gain domain administrator access.

Read more