# Sekhmet HackTheBox Writeup
Write-up for Sekhmet HackTheBox, CVE-2022-3506, Active Directory Exploitation

Starting Nmap 7.88 ( ) at 2022-09-10 13:01 EDT
Nmap scan report for
Host is up (0.055s latency).
Not shown: 65533 filtered tcp ports (no-response)
22/tcp open  ssh     OpenSSH 8.4p1 Debian 5+deb11u1 (protocol 2.0)
80/tcp open  http    nginx 1.18.0
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at .
Nmap done: 1 IP address (1 host up) scanned in 101.02 seconds

Using `` (credit: zilla1) it is possible to tunnel through port 80 (`windcorp.htb`) and interact with Kerberos via an attack vector dubbed reverse http-pipelining.


## Install
pip install -r requirements.txt

## Usage
python3 windcorp.htb/admin -dc-host windcorp.htb