Ransom - Post Exploitation

[zer0d4y]

Hello,
(i hope this is the right section to post)
who is experienced with post exploitation regarding ransomware deployment in a corp. network?
Does it make sense to use customized ransomware from github compared to RaaS ?

 

[Octoberine]

Hello!
RaaS is more much more advanced(much fuster, much more functions for working with the network e t.c.) than any implementation I've ever seen on github.

 

[zer0d4y]

apart from crypt speed and compatibility what are the most important features to look out for? What are the "best" ransomware currently out there?
Is Domain Admin mandatory or can some auto exploit with CVE?

 

[Pent]

apart from crypt speed and compatibility what are the most important features to look out for? What are the "best" ransomware currently out there?
Is Domain Admin mandatory or can some auto exploit with CVE?

yes Domain Admin

 

[rlz]

important to check for cloud backups, red tape on the network. With experience come the knowledge and 2 Commas

 

[zer0d4y]

yes backups was the next question:
generally speaking raas is profitable for big networks. however big networks use backup techniques. how does ransomware work with backups?

 

[rlz]

Learn from the expert.

GitHub - dafthack/CloudPentestCheatsheets: This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers. - dafthack/CloudPentestCheatsheets

github.com

 

[zer0d4y]

Learn from the expert.

GitHub - dafthack/CloudPentestCheatsheets: This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers. - dafthack/CloudPentestCheatsheets

github.com

thanks! understood.

 

[r00tg0d]

You can get much better efficiency by using the existing CVEs exploit and lateral movement. However, that the ransomware you choose should be compatible and fast..Finally, make sure that the company cannot access the backups, otherwise what you do may not work and your labor can be wasted.