This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 1%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECS%3C/text%3E%3C/svg%3E)
For this level, you must successfully authenticate to the Domain Controller host at 172.16.5.155 via SSH after first authenticating to the target host. This host seems to have several PowerShell modules loaded, and this user's flag is hidden in one of them. (How can we view loaded modules and their members?) this is the hint they have given
Note: this is only for educational Purposes, so I am asking for help. what you gave above does not solve the problem?
You can check the modules loaded with
Get-Module
and then check the members with
Get-Module _ModuleName_ | Get-Member
Good luck "hacking the box"
If this or any other reply helped solve your question, please remember to upvote and/or "Accept Answer".
It helps others facing similar issues find the solution.