File Read
Now that I have a valid PowerShell session as the app user, I will be able to check the restricted file, which denied my access as the SYSTEM earlier.
ps c:\Data\Users\app> cat hardening.txt
- changed default administrator password of "p@ssw0rd"
- added firewall rules to restrict unnecessary services
- removed administrator account from "Ssh Users" groupThe hardening.txt file points out that the CLEARTEXT password of the administrator user, which is p@ssw0rd, has been CHANGED
It also mentions the presences of the Ssh Users group, which I enumerated as well.
The important thing here is the password.
That is not the current password of the administrator user, but was as the default password