all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Exploring Weasel: A Windows Privilege Escalation Journey

Add to bookmarks
Nov. 3, 2023, 8:06 a.m. | 0xViKi

System Weakness - Medium systemweakness.com

In this blog post, I’ll take you on a journey through an infosec writeup that revolves around a penetration test on a Windows system, focusing on enumeration, initial foothold, and privilege escalation. The target system is codenamed “Weasel.”

Gathering Information

Nmap:

Our journey starts with an Nmap scan to gather information about the target system.

sudo nmap -sV -sC <IP>
Nmap Scan

The scan reveals open ports and services:

  • Port 22: OpenSSH for Windows 7.7.
  • Port 135: Microsoft Windows RPC. …

blog blog post enumeration escalation gathering information infosec journey nmap penetration penetration test privilege privilege escalation scan sudo system target test thm-writeup windows windows system writeup

Visit resource

More from systemweakness.com / System Weakness - Medium

The Future of Programming: A Look at Emerging Languages Shaping Software Development 1 day, 20 hours ago | systemweakness.com
address article changing development +14
Cyber Detectives Unite: Advanced Tools for Web Security 1 day, 20 hours ago | systemweakness.com
bug bounty computer science cybersecurity ethical hacking +1
Mittre Att&ck‘s User Manual 2 days, 16 hours ago | systemweakness.com
adversary amp att attacks +22
Unveiling the Hidden: A Guide to Passive Subdomain Enumeration 2 days, 16 hours ago | systemweakness.com
bug bounty hacking security technology +1
Limit Requests to EC2 Instances to Cloudflare Only IPs 2 days, 16 hours ago | systemweakness.com
aws aws lambda cloudflare security +1
Canary Codes for Curious Minds 2 days, 16 hours ago | systemweakness.com
canary tokens hacking ip address location +1
Zero Trust Network Access 3 days, 14 hours ago | systemweakness.com
least privilege microsegmentation network security virtual private network +1
Ransomware-as-a-Service: Democratizing Digital Destruction and How to Fortify Your Defenses 3 days, 14 hours ago | systemweakness.com
as-a-service attacks businesses critical +24
Detecting Mobile Threats: Indicators of Compromise 3 days, 14 hours ago | systemweakness.com
business compromise continue cybersecurity +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Compliance Advisor

@ SAP | Budapest, HU, 1031
View on infosec-jobs.com

DevSecOps Engineer

@ Qube Research & Technologies | London
View on infosec-jobs.com

Software Engineer, Security

@ Render | San Francisco, CA or Remote (USA & Canada)
View on infosec-jobs.com

Associate Consultant

@ Control Risks | Frankfurt, Hessen, Germany
View on infosec-jobs.com

Senior Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com
View more jobs