Fuck everything.
So, a long time ago I managed to break into the Italian Red Cross network.
I met as EDR / XDR, Trend Micro Apex One. Worst defence solution ever.
Even with a simple PHP shell, it was neither seen nor blocked. In short, better that way, right?
Becoming admin of the company network (Active Directory) was relatively easy.
No kerberoast, no s4u or anything like that.
The machines that allowed me access from the outside were also vulnerable to various known exploits that allowed LPE.
The funny thing? The 'master' password was used almost everywhere.
From local accounts to AD network accounts.
"Sviluppo.1864" or "Sviluppo.1864!" very fun and easy.
Also it was enough to act at night, because their EDR was sending alerts/events to their internal JIRA.
In short it was easy and not difficult at all, the only problem was when I caught 13TB of internal and non-internal videos. Which were excluded completely from the dump because it would have taken too long and made a lot of "noise" in the network and their internal fortinet systems.
Other than that, enjoy the internal source codes, databases, some backups and much more.
I did not put ransomware simply because I find it very unnecessary and skidding, personally.
I just have a request, if you can mirror as much as you can, because the DCMA and basic policies of Gofile, pretty much suck.
Have a good day everyone, especially the TI companies and see you next time! o/
PS.
Also, if you want, I always have a hidden backdoor to log in again, if you want, I can send it to you in PM for those who are interested and want to continue having fun
I hope this is the right place, if not, please move it or let me know where to post it.
Images:
