This is a write-up of an internal pentest we did a couple of years ago that involved several small vulnerabilities but allowed us to successfully exfiltrate a considerable amount of information.

Everything started with an Nmap scan of a small internal subnet we were placed in. We didn’t find any promising leads, except for a single exposed SMB share, which a developer had apparently created locally to share files between computers. The scan showed something like this.

[Image: Partial results of the nmap scan]

We successfully checked the access with impacket’s smbclient.py.

[Image: smbclient.py]


Chaining multiple vulnerabilities to exfiltrate over 250GB of PIA