Hack The Box Challenge Series
Responder

• This was by far the toughest module I’ve tackled, but also one of the most rewarding.

• 🛠️ Key Techniques Used:

• Service enumeration with nmap, and gobuster,

• SMB enumeration + password spray using smbclient

• NTLM hash extraction & cracking via responder + john

• NTLM relay using ntlm_theft

• Webshell deployment and RunasCs.exe to execute as another user

• Lateral movement with Chisel and custom reverse shell payloads

• JuicyPotatoNG for privilege escalation to SYSTEM

• ✅ Rooted and flags captured. 🔥