Machine info Nest is an easy difficulty Windows machine featuring an SMB server that permits guest access. The shares can be enumerated to gain credentials for a low privileged user. This user is found to have access to configuration files containing sensitive information. Another user and password is found through source code analysis, which is used to gain a foothold on the box. A custom service is found to be running, which is enumerated to find and decrypt Administrator credentials.

Hello and welcome to my first writeup on Hack the box machines. We will be handling an easy machine named Sau. We will use real vulnerabilities that were discovered before and we will also make use of exploits that had been used before. Let’s begin. Enumaration First of all we are going to run a NMAP scan to scan for open ports. From the scan we can see that port 22 is open on which ssh runs.