MonitorsFour is an easy-rated Windows machine on Hack The Box exposing ports 80 and 5985 (wsman). Port 80 hosts an outdated PHP website, and a vulnerable subdomain exposes credentials. A CVE leads to RCE for the user flag. For the root flag, the internal Docker API is exploited using another CVE.
You need to be signed in to access protected stories.
For hints/guidance/requests, you can join our Discord Server
*Following HTB policies, the solutions to live machines will not be shared publicly even on the Discord server.