Dear readers, this is Dhanesh Dodia on the other side of the screen, and I hope you're doing good on your side of the screen. Sit tight for the next few minutes; you're gonna have fun.

Scope & Background: The Red Team engagement highlights real-world risks by simulating an attacker who is targeting an organization. The company name is confidential, so let's call our target and RTO (Red Team Operation). In this RTO the goal was to get access to confidential business data and successfully exfiltrate it under the radar. As this Red Team engagement was conducted during the initial period of COVID, it was performed remotely. The company literally belonged to a different country. Hence, the first week of activities was mostly spent identifying the internet-facing assets using multiple tools and approaches.

Approach: The RTO was carried out leveraging the standard MITRE ATT&CK framework and the Cloud Matrix framework. During the Recon phase, I noted that the company was using a Hybrid Multi-Cloud infrastructure model, where a few assets were on the cloud and a few on on-premise servers. Hence, I decided to follow the 'Cloud Matrix' and the general 'Matrix for Enterprise' approach.

Reconnaissance: During the first week, I started analyzing and verifying the information. I initiated active scans using the Red-Teaming-Toolkit on the confirmed scope and started figuring out the potential critical/high-risk vulnerabilities. During this phase, I found multiple critical vulnerabilities on (special shout-out to Orange Tsai) that could allow me to gain access to the company's internet-facing servers and employee systems. At this point, I had numerous options to proceed further; we chose the best method based on dependencies. The way I chose didn't require the company's employees to click a link or download software, and hence dependencies were taken care of.

The exploitation of the Pulse VPN application to gain full control of the VPN server.
Dumping credentials from the VPN server to spray across the Cloud services for pivoting and other on pr
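The attack path above ends with credentials dumped from the VPN server being sprayed across cloud services. From the defender's side, a spray has a recognisable shape in sign-in logs: one source touching many distinct accounts with only a failure or two each, which is the opposite of a brute force hammering one account. The following detector is an added example written for this page, not code from the original post or from the Red-Teaming-Toolkit; the log format, the sample events, the IP addresses and the account names are all constructed for illustration.

```python
"""
Added example (not from the original post): a minimal password-spray
detector over constructed cloud sign-in events. It flags a source IP that
fails against at least `min_accounts` distinct accounts inside `window`,
and reports any successful sign-in from that IP after the spray began,
which is the account a responder should look at first.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in log (not real data).
# Format per line: timestamp,source_ip,account,result
SAMPLE_LOG = """\
2020-05-04T09:00:01Z,203.0.113.7,alice@example.test,FAIL
2020-05-04T09:00:04Z,203.0.113.7,bob@example.test,FAIL
2020-05-04T09:00:09Z,203.0.113.7,carol@example.test,FAIL
2020-05-04T09:00:15Z,203.0.113.7,dave@example.test,FAIL
2020-05-04T09:00:21Z,203.0.113.7,erin@example.test,FAIL
2020-05-04T09:00:30Z,203.0.113.7,frank@example.test,SUCCESS
2020-05-04T09:01:02Z,198.51.100.9,alice@example.test,FAIL
2020-05-04T09:01:05Z,198.51.100.9,alice@example.test,FAIL
2020-05-04T09:01:08Z,198.51.100.9,alice@example.test,FAIL
2020-05-04T09:01:11Z,198.51.100.9,alice@example.test,FAIL
2020-05-04T09:01:14Z,198.51.100.9,alice@example.test,FAIL
2020-05-04T09:01:17Z,198.51.100.9,alice@example.test,FAIL
2020-05-04T10:30:00Z,192.0.2.22,grace@example.test,SUCCESS
"""


def parse_events(text):
    """Parse the constructed CSV-style log into (timestamp, ip, account, result) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip, account, result = line.split(",")
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, account, result))
    return events


def detect_spray(events, window=timedelta(minutes=10), min_accounts=5):
    """
    Return {source_ip: {...}} for every IP whose failed sign-ins hit
    `min_accounts` or more distinct accounts within `window`.

    A brute force against a single account never reaches the threshold,
    however many failures it produces, so it is deliberately not flagged here.
    """
    by_ip = defaultdict(list)
    for ev in sorted(events):          # sort by timestamp (first tuple field)
        by_ip[ev[1]].append(ev)

    alerts = {}
    for ip, evs in by_ip.items():
        fails = [(ts, acct) for ts, _, acct, res in evs if res == "FAIL"]
        flagged = None
        # Slide a window starting at each failure and count distinct accounts.
        for i, (start, _) in enumerate(fails):
            accounts = {acct for ts, acct in fails[i:] if ts - start <= window}
            if len(accounts) >= min_accounts:
                flagged = (start, accounts)
                break
        if flagged is None:
            continue
        start, accounts = flagged
        # Any success from the same source after the spray began is the likely foothold.
        hits = sorted({acct for ts, _, acct, res in evs if res == "SUCCESS" and ts >= start})
        alerts[ip] = {
            "window_start": start,
            "distinct_accounts": len(accounts),
            "success_accounts": hits,
        }
    return alerts


if __name__ == "__main__":
    for ip, info in detect_spray(parse_events(SAMPLE_LOG)).items():
        print(f"spray from {ip}: {info['distinct_accounts']} accounts, "
              f"successful sign-ins after start: {info['success_accounts']}")
```

In the constructed sample, 203.0.113.7 is flagged (five accounts in 20 seconds, then a success for one of them), while 198.51.100.9, which fails six times against a single account, is not: that pattern belongs to a lockout or brute-force rule, not a spray rule. In a real deployment the same logic runs over the identity provider's sign-in export, and the threshold and window are tuned to the tenant's normal failure rate.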