HTB Starting Point — Explosion

Box info
OS: Windows Server 2019 Standard Build 17763 x64 | Difficulty: Very Easy | Tier: 0 | Status: Starting Point

Skills: SMB enumeration, RDP basics, WinRM, blank-password credential testing

Pwned: 2026-04-27

TL;DR

Explosion is a Windows Server 2019 box with a single critical misconfiguration: the built-in Administrator account has a blank password. A port scan reveals SMB (445), RDP (3389), and WinRM (5985). SMB guest login enumerates the machine name and RID-cycles the Administrator account. Testing Administrator with a blank password via nxc immediately returns Pwn3d! over both SMB and WinRM. The flag sits on the Administrator’s desktop at C:\Users\Administrator\Desktop\flag.txt. The lesson: always test default and blank credentials before reaching for a wordlist. ...

April 27, 2026 · 7 min · crAIzy