Academy Training: Man in the Middle

Discussion in 'Missions Center' started by Hermler, Nov 25, 2018.

  1. Hermler

    Hermler New Agent

    Okay, got a bit of a problem.

    In part 3, there is a bit of work to do with the results of the previous two parts you have gathered.

    I have completed the first task of part 3, which is rather simple and just one easy command.
    Afterward, it says to connect to the active directory and get the password policies. I am stuck on this part.

    I have used the active directory to get the users of the four departments, but each one I try in password attack comes up as a host or user error. Under policies and resources part, it is completely blank. I have tried WMI and even hydra. WMI gives one result of the dig with active and up to date security and Hydra doesn't do anything.

    I am a bit stuck here based on the stuff I tried in the spoiler. I imagine you use the file browser in some way, but with knowing the password to an account, it can't be used.

    Help? :)
  2. Sytthas

    Sytthas New Agent

    Yeah, same problem here. I skipped that step, and have succeeded in all but that step and the very last step, but am hung up on completing the whole thing for the exact same reason (which I suspect is an error-- I don't think it's meant to be empty).

    I mean, seriously-- even if they are a rather incompetent intelligence organization-turned-drug cartel-turned-strange alternate timeline pulp tropic pilots-or-something, they should at least have some policies in place.
    Last edited: Nov 25, 2018
  3. Radeon

    Radeon Active Agent


    I dont think its supposed to be empty.
    The LLMNR attack was really interesting and I 'd love to implement it into my hive.
  4. Anashel

    Anashel Puppet Master Staff Member

    Sorry, I'm trying to squash that bug. It seem after a while the AD reset and the policies are missing. It's fixed for now.
  5. Hermler

    Hermler New Agent

    Cool. Whatever you did seem to have worked. I have completed it. :)
  6. Setari

    Setari New Agent

    So where is the hash location for the password for this certification? I didn't come across one to get here, so...
  7. Hermler

    Hermler New Agent

    You should have used the man in the middle to listen in with a llmnr poisoning between 2 IP addresses. During that, someone tries to log in to their account. That is the hash of the password.

Share This Page