Road to Pentest – INE Lab – Black Box 3

Lab Intro You have been engaged in a Black-box Penetration Test (172.16.37.0/24 range). Your goal is to read the flag file on each machine. On some of them, you will be required to exploit a remote code execution vulnerability in order to read the flag. Some machines are exploitable instantly but some might require exploiting…

Road to Pentester – INE Lab – Metasploit

Lab Intro In this lab, you will have to use Metasploit and meterpreter against a real machine; this will help you become familiar with the Metasploit framework and its features. Solution I’m now in a 192.168.99.0/24 network. One host is alive. Finger-print the host with nmap. nmap -sC -sV -v 192.168.99.12 A lot of results….

Meterpreter

Table of Contents Extracting the Password Hashes Pass the Hash Capturing Key Strokes Token Impersonation Pivoting Through Sub-network Meterpreter Scripts Migrating to a Process Killing Antivirus Software Obtaining System Password Hashes Viewing All Traffic on a Target Machine Scraping a System Using Persistence Leveraging Post Exploitation Modules Upgrading Your Command Shell to Meterpreter Manipulating Windows…