HackTheBox — CrownJewel-2 Sherlock Walkthrough
Tags
attack-pattern: | Data Direct Hardware - T1592.001 Ntds - T1003.003 Server - T1583.004 Server - T1584.004 Credential Dumping - T1003 |
Common Information
Type | Value |
---|---|
UUID | 86c025ed-f85d-44a8-91ed-221370281e86 |
Fingerprint | a11e2453d5e30490 |
Analysis status | DONE |
Considered CTI value | -2 |
Text language | |
Published | Dec. 23, 2024, 12:02 a.m. |
Added to db | Dec. 23, 2024, 1:26 a.m. |
Last updated | Dec. 23, 2024, 8:20 a.m. |
Headline | HackTheBox — CrownJewel-2 Sherlock Walkthrough |
Title | HackTheBox — CrownJewel-2 Sherlock Walkthrough |
Detected Hints/Tags/Attributes | 47/1/14 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 22 | app.hackthebox.com |
|
Details | Domain | 4699 | github.com |
|
Details | Domain | 417 | attack.mitre.org |
|
Details | File | 71 | ntdsutil.exe |
|
Details | File | 24 | vssvc.exe |
|
Details | Github username | 20 | mandiant |
|
Details | MITRE ATT&CK Techniques | 76 | T1003.003 |
|
Details | MITRE ATT&CK Techniques | 322 | T1003 |
|
Details | Url | 1 | https://app.hackthebox.com/sherlocks/crownjewel-2 |
|
Details | Url | 7 | https://github.com/mandiant/flare-vm |
|
Details | Url | 5 | https://attack.mitre.org/techniques/t1003/003 |
|
Details | Url | 1 | https://learn.microsoft.com/en-us/windows/win32/extensible-storage-engine/extensible-storage-engine-managed-reference |
|
Details | Url | 1 | https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/threat-protection/auditing/event-4799?source=post_page |
|
Details | Url | 1 | https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc753343(v=ws.11 |