To set things off, Nmap shows the box to have quite usual Windows box services and ports open: Here we can see the BLACKFIELD.local domain, which will be useful later. For more enumeration, I prefer to initial scanning with enum4linux: No luck this time with enum4linux, need to try other methods. SMB enumeration could show … Continue reading HackTheBox Blackfield writeup