You are here: andrewroderos.com

blog.flanker017.me
Testing Empire as post-exploitation framework in domain environment
Due to recent research on Red-Blue Team Operations, I became interested in various post-exploitation frameworks. Since the widely ...

0xdf.gitlab.io
Reel was an awesome box because it presents challenges rarely seen in CTF environments, phishing and Active Directory. Rather than initial access coming through a web exploit, to gain an initial foothold on Reel, I'll use some documents collected from FTP to craft a malicious rtf file and phishing email that will exploit the host and avoid the protections put into place. Then I'll pivot through different AD users and groups, taking advantage of their different rights to eventually escalate to administrator. In Beyond Root, I'll explore remnants of a second path to root that didn't make the final cut, look at the ACLs on root.txt, and examine the script that opens attachments as nico.

bogs.io
An extensive walk-through of the popular methods of exploiting SMB using tools such as Metasploit, Responder, psexec

www.ayende.com