Hey fellas!! This is Shreya Pohekar and today we’ll be walking through Control from Hackthebox. It was a hard windows machine. The initial foothold (wwwroot) to the machine exploited a sql injection, where I uploaded a web shell using the vulnerability. Getting to the user was pretty straightforward as the sqlmap listed password hashes. Privilege escalation to root required us to read…