
Bastion

EASY | Windows | windows, smb, privesc | 30pts
Enumerate an open SMB share containing VHD backup files. Mount, extract SAM hashes, escalate.
// techniques covered

SMB Enumeration

VHD Mounting & Hash Extraction

Privilege Escalation via mRemoteNG

// walkthrough — preview
01 / SMB Enumeration
Unauthenticated SMB access reveals a read-only Backups share containing VHD files.
smbmap -H 10.10.10.134
> Backups READ ONLY
find /mnt/smb -name '*.vhd'
> 9b9cfbc3-...vhd [FOUND]


ABOUT THIS WRITEUP

This Bastion writeup covers the full attack chain for HackTheBox Bastion, an easy Windows machine. The walkthrough covers 3 steps from initial reconnaissance to root flag capture, including detailed commands, tool usage, and exploitation techniques. Suitable for OSCP preparation and penetration testing practice.