![]() In this particular engagement, we decided the safest thing we could do was to deploy a Virtual Machine in their Private Cloud, install Docker on that VM, transfer a prebuilt Kali image onto the VM through a pivot host, and install the Kali image in Docker. ![]() And if your target is performing egress filtering either to the Internet or between secured segments within their cloud, then installing packages may not even be an option. Additionally, if your target has robust network monitoring in place you may want to carefully consider the repositories you’re pulling packages and source code from. If you were to do this without using the Penetration Tester’s Framework (PTF) you might not have a fun time. You can certainly build a Virtual Machine for yourself and then install nmap and/or Metasploit. Occasionally clients aren’t as comfortable about a potentially rogue device on their network, so we may build out a VM or a Kali container for them to deploy on their Private Cloud.īut let’s say that you’re performing a Red Team engagement and you’re able to gain access to your target’s Cloud Provisioning tools. When we perform Internal Pentest engagements sometimes we’ll send a phone-home device instead of a consultant. This occurs occasionally during our Red Team engagements, where it would just be great if we just had nmap or Metasploit deployed somewhere inside our client’s environment. Sometimes, on engagements, you don’t have the exact tools you’d like immediately available. The full story surrounding the team’s accomplishment is best for another blog, however today we’ll discuss what we did after gaining access to the client’s Private Cloud Provisioning software. ![]() Having lost our foothold, we identified a new opportunity and gained access via their Citrix deployment. We breached the client’s perimeter through a fairly uncommon application server, however, due to the risk of that initial foothold our client chose correctly to close the access after we could demonstrate lateral movement capability. ![]() This is a story from one of our more recent Red Team engagements and what we did after gaining access to the target client’s environment. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |