responder

  • 16th December 2025

Fluffy writeup

writeupshack-the-boxwindowsactive-directorysmbresponderhash-crackingcve

Fluffy is a Windows Active Directory box that focuses on SMB share enumeration and NTLM hash capture. We will exploit CVE‑2025‑24071 via Responder, crack the obtained hash, then leverage shadow credentials and the ESC16 vulnerability to gain domain administrator access.

Read more