Box: Sauna

Level: Easy

Lets get started

command:```

From our scan we have quite a number of ports open. We’ll start our enumeration from port 80.

Navigate to the webpage

Scrolling down, you get this

We get “client 1”, “client 2” without names of the employees.

Checking around the webpage, I found this

Scrolling down,

We now have their names revealed.

From our nmap scan we can see the kerberos service running on port 88

Lets try to get users who have this service enabled

Save the names in a file say users.txt