Piggy Walkthrough - BTLO Labs
Walkthrough of PIGGY invesigation
Tags
Browse by tag
BTLO 1
Blobversioning 1
HTB 9
MITRE 1
application_whitelisting 1
asrep 3
brute-force 1
cloudsecurity 1
credential_compromise 1
forensics 1
ftp 1
ldap 6
on-prem 7
privesc 3
privesc_backup 1
pwnedlabs 1
smb 4
standalone 4
vulnlab 2
wireshark 1
#BTLO (1)
#Blobversioning (1)
MegaBigTech: Initial Access to Azure account via exposed Blob containers
Mega Big Tech has adopted a hybrid cloud architecture and continues to use a local on-premise Active Directory domain alongside Azure cloud services. They are concerned about being targeted due to their importance in ...
#HTB (9)
Administrator Walkthrough: Exploiting Active Directory Misconfigurations
Initial Recon
Sauna Walkthrough: From AS-REP Roasting to Domain Admin with DCSync Abuse
External Recon:
Forest Walkthrough: Exploiting AS-REP Roasting and Misconfigured AD Permissions to Compromise the Domain Controller.
Recon
Return Walkthrough: Exploiting Printer Misconfigurations
Walkthrough of HTB’s Return machine
Netmon Walkthrough: Exploiting PRTG's CVE-2018-9276
Recon
Cicada Walkthrough: Exploiting Shared Access from Guest User Privileges
Recon
Jerry Walkthrough: Brute-Forcing Default Service Credentials
Recon
Legacy Walkthrough: Exploiting vulnerable Server Service
Legacy is a fairly straightforward beginner-level machine which demonstrates the potential security risks of SMB on Windows. Only one publicly available exploit is required to obtain administrator access.
Blue Walkthrough:Exploiting CVE-2017-0144
Blue
#MITRE (1)
Piggy Walkthrough - BTLO Labs
Walkthrough of PIGGY invesigation
#application_whitelisting (1)
Escape Walkthrough: Exploiting Whitelisting and Privilege Escalation
Recon I started with a standard Nmap scan to discover open TCP and UDP ports:
#asrep (3)
Administrator Walkthrough: Exploiting Active Directory Misconfigurations
Initial Recon
Sauna Walkthrough: From AS-REP Roasting to Domain Admin with DCSync Abuse
External Recon:
Forest Walkthrough: Exploiting AS-REP Roasting and Misconfigured AD Permissions to Compromise the Domain Controller.
Recon
#brute-force (1)
Jerry Walkthrough: Brute-Forcing Default Service Credentials
Recon
#cloudsecurity (1)
MegaBigTech: Initial Access to Azure account via exposed Blob containers
Mega Big Tech has adopted a hybrid cloud architecture and continues to use a local on-premise Active Directory domain alongside Azure cloud services. They are concerned about being targeted due to their importance in ...
#credential_compromise (1)
Cicada Walkthrough: Exploiting Shared Access from Guest User Privileges
Recon
#forensics (1)
Piggy Walkthrough - BTLO Labs
Walkthrough of PIGGY invesigation
#ftp (1)
Netmon Walkthrough: Exploiting PRTG's CVE-2018-9276
Recon
#ldap (6)
Administrator Walkthrough: Exploiting Active Directory Misconfigurations
Initial Recon
Sauna Walkthrough: From AS-REP Roasting to Domain Admin with DCSync Abuse
External Recon:
Forest Walkthrough: Exploiting AS-REP Roasting and Misconfigured AD Permissions to Compromise the Domain Controller.
Recon
Return Walkthrough: Exploiting Printer Misconfigurations
Walkthrough of HTB’s Return machine
Cicada Walkthrough: Exploiting Shared Access from Guest User Privileges
Recon
Baby Walkthrough: Enumerating SMB and LDAP on Windows Server 2022
This walkthrough demonstrates how to compromise a lab machine named “Baby” from Vulnlab by enumerating services like SMB and LDAP on a Windows Server 2022 Domain Controller (DC). The goal is to perform network scannin...
#on-prem (7)
Administrator Walkthrough: Exploiting Active Directory Misconfigurations
Initial Recon
Sauna Walkthrough: From AS-REP Roasting to Domain Admin with DCSync Abuse
External Recon:
Forest Walkthrough: Exploiting AS-REP Roasting and Misconfigured AD Permissions to Compromise the Domain Controller.
Recon
Return Walkthrough: Exploiting Printer Misconfigurations
Walkthrough of HTB’s Return machine
Cicada Walkthrough: Exploiting Shared Access from Guest User Privileges
Recon
Escape Walkthrough: Exploiting Whitelisting and Privilege Escalation
Recon I started with a standard Nmap scan to discover open TCP and UDP ports:
Baby Walkthrough: Enumerating SMB and LDAP on Windows Server 2022
This walkthrough demonstrates how to compromise a lab machine named “Baby” from Vulnlab by enumerating services like SMB and LDAP on a Windows Server 2022 Domain Controller (DC). The goal is to perform network scannin...
#privesc (3)
Administrator Walkthrough: Exploiting Active Directory Misconfigurations
Initial Recon
Sauna Walkthrough: From AS-REP Roasting to Domain Admin with DCSync Abuse
External Recon:
Forest Walkthrough: Exploiting AS-REP Roasting and Misconfigured AD Permissions to Compromise the Domain Controller.
Recon
#privesc_backup (1)
Return Walkthrough: Exploiting Printer Misconfigurations
Walkthrough of HTB’s Return machine
#pwnedlabs (1)
MegaBigTech: Initial Access to Azure account via exposed Blob containers
Mega Big Tech has adopted a hybrid cloud architecture and continues to use a local on-premise Active Directory domain alongside Azure cloud services. They are concerned about being targeted due to their importance in ...
#smb (4)
Cicada Walkthrough: Exploiting Shared Access from Guest User Privileges
Recon
Legacy Walkthrough: Exploiting vulnerable Server Service
Legacy is a fairly straightforward beginner-level machine which demonstrates the potential security risks of SMB on Windows. Only one publicly available exploit is required to obtain administrator access.
Blue Walkthrough:Exploiting CVE-2017-0144
Blue
Baby Walkthrough: Enumerating SMB and LDAP on Windows Server 2022
This walkthrough demonstrates how to compromise a lab machine named “Baby” from Vulnlab by enumerating services like SMB and LDAP on a Windows Server 2022 Domain Controller (DC). The goal is to perform network scannin...
#standalone (4)
Netmon Walkthrough: Exploiting PRTG's CVE-2018-9276
Recon
Jerry Walkthrough: Brute-Forcing Default Service Credentials
Recon
Legacy Walkthrough: Exploiting vulnerable Server Service
Legacy is a fairly straightforward beginner-level machine which demonstrates the potential security risks of SMB on Windows. Only one publicly available exploit is required to obtain administrator access.
Blue Walkthrough:Exploiting CVE-2017-0144
Blue
#vulnlab (2)
Escape Walkthrough: Exploiting Whitelisting and Privilege Escalation
Recon I started with a standard Nmap scan to discover open TCP and UDP ports:
Baby Walkthrough: Enumerating SMB and LDAP on Windows Server 2022
This walkthrough demonstrates how to compromise a lab machine named “Baby” from Vulnlab by enumerating services like SMB and LDAP on a Windows Server 2022 Domain Controller (DC). The goal is to perform network scannin...
#wireshark (1)
Piggy Walkthrough - BTLO Labs
Walkthrough of PIGGY invesigation