Hello everyone, I have returned to tackle part four of my series on Windows exploitation, in this episode you will learn how to exploit Process Builder utility to gain access to windows environment.
I recommend you to first try out this lab on Attack Defence => https://www.attackdefense.com/challengedetails?cid=1947
As usual, we will start with info gathering.
Using nmap to get open ports
nmap --top-ports 50000 10.5.27.126
As expected, HTTP Port 80 is open and Process Builder is being served
Also we are provided with the login credentials admin:password
If you have read my last post Windows Basic Exploitation #3. You know what the exploit is. In this I will simply execute it to retrieve the flag
You can then find the flag in
You can connect me on the following platforms