TryHackMe-THROWBACK-TBSEC-DC01

We have the credentials from the email

TBSEC_GUEST:WelcomeTBSEC1!

But in order to login I tried using win-rm and ssh both failed then I tried with RDP and got access

Run powershell-empire --rest and starkiller

We have our listener ready

For setting a stager

Now we need to deliver this bat file to target

Run the built in rubeus from starkiller

You can easily transfer the file by simpling clicking Download icon

On running hashcat we will crack the hash

We can now login through RDP with that account