Checkpoint - HTB Machine Writeup

Difficulty: Medium | OS: Windows | Status: Completed

A walkthrough of HTB's Checkpoint machine, chaining AD object restoration, a malicious VS Code extension upload, Kerberos delegation, and DMSA BadSuccessor abuse to extract an admin hash from a VMware memory snapshot for full domain compromise.

Tags: Active Directory, BadSuccessor/DMSA Abuse, Malicious VSCode Extension

[ LOADING MACHINE DATA... ]

_

0xJerry's Lab

ONLINE

UDYAM-TN-20-0233404

Privacy Policy Terms of Service

|Built in the shadows///