Skip to main content

Documentation Index

Fetch the complete documentation index at: https://rootea.es/llms.txt

Use this file to discover all available pages before exploring further.

StreamIO

··
Operating systemWindows
DifficultyMedium
IP10.10.10.151
Retirement date
SkillsSSL Certificate Enumeration SMB Enumeration Kerberos User Enumeration (Kerbrute) ASREPRoast Attack (Failed) SQL Injection (MSSQL) - WAF Bypass NTLM Hash Stealing through SQL Injection (xp_dirtree) Cracking Hashes Local File Inclusion (LFI) LFI + Wrappers (base64 encoding) Remote File Inclusion (RFI) RFI + RCE via malicious PHP script Information Leakage - Database administrator user credentials Enumerating the database with sqlcmd Password sprying with CrackMapExec Abusing WinRM - EvilWinRM Abusing Firefox Stored Profile Passwords - Firepwd Bloodhound Enumeration Playing with SharpHound.ps1 - Puckiestyle Abusing WriteOwner privilege over a group - PowerView.ps1 Playing with Add-DomainObjectAcl && Add-DomainGroupMember utilities Getting LAPS Passwords - ldapsearch [Privilege Escalation]

Writeups

LanguageAuthorFormatLink
🇪🇸 ESS4vitarVídeoOpen
🇬🇧 EN0xdfTextoOpen
🇬🇧 ENIppSecVídeoOpen

Skill resources

Curated documentation for each technique listed in the Skills column above. Sources: HackTricks, GTFOBins, PortSwigger, etc.
SkillSourceLink
Remote File Inclusion (RFI)HackTricksOpen
Local File Inclusion (LFI)PayloadsAllTheThingsOpen
SQL InjectionHackTricksOpen
BloodHoundHackTricksOpen
BloodHoundBloodHound docsOpen
AS-REP RoastingHackTricksOpen
SMB (139/445)HackTricksOpen
Remote Code Execution (RCE)HackTricksOpen