Breach — VulnLab | Malicious File Upload to SMB, Kerberoasting, Silver Ticket, and AV Shenanigans

The attacker begins by running a full TCP scan on the target machine 10.10.67.132 and saving the results to a file named full_tcp_scan.
The results show that port 1433 is open for Microsoft SQL Server and the attacker could attempt a SQL injection attack using a tool such as Responder to steal the NTLM hashes.
The attacker could also attempt an SMB related attack using tools such as nmap and smbclient to enumerate the machine and potentially upload a malicious file, such as JuicyPotatoNG for harvesting NTLM hashes.
Tools such as impacket and hashcat could also be used to attempt more sophisticated attacks on the machine.

Fast Feed