all InfoSec news
VulnLab: Baby2
Oct. 18, 2023, 2:27 p.m. | Ryan Yager
System Weakness - Medium systemweakness.com
Today we are going to look at a medium box on VulnLab, Baby2. As usual we start off with a port scan:
Lets add the domain name to our /etc/hosts:
nxc smb 10.10.122.38
Checking for an null sessions we find that SMB allows for null:
We can see what we can read or read/write to with netexec (newest version of crackmapexec):
nxc smb 10.10.122.38 -u anonymous -p '' --shares
We get some usernames:
smbclient \\\\10.10.122.38\\homes
Lets put these users into …
More from systemweakness.com / System Weakness - Medium
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Security Engineer II- Full stack Java with React
@ JPMorgan Chase & Co. | Hyderabad, Telangana, India
Cybersecurity SecOps
@ GFT Technologies | Mexico City, MX, 11850
Senior Information Security Advisor
@ Sun Life | Sun Life Toronto One York
Contract Special Security Officer (CSSO) - Top Secret Clearance
@ SpaceX | Hawthorne, CA
Early Career Cyber Security Operations Center (SOC) Analyst
@ State Street | Quincy, Massachusetts