This is a write-up of an internal pentest we did a couple of years ago. It involved several small vulnerabilities, but they allowed us to successfully exfiltrate a considerable amount of information.
Everything started with an Nmap scan of the small internal subnet we were placed in. We didn’t find any promising leads, except for a single exposed SMB share, which a developer had apparently created locally to share files between computers. The scan showed something like this.
Partial results of the nmap scan
We successfully checked the access with impacket’s smbclient.py.