I recently compromised one PC of a small business with a RAT, I would like to know some techniques to move to other computers inside the network.
-
XSS.stack #1 – первый литературный журнал от юзеров форума
how to perform lateral movments in a network?
- Автор темы therealcorleone
- Дата начала
my suggestion would be try poking around the system and use relavant post exploitation tools , mto understand environment use bloodhound and various tools ,
search for RDP sessions and many more
search for RDP sessions and many more
are you looking for system discovery or actual lateral movement?
- Автор темы
- Добавить закладку
- #4
lateral movments
You need to use cobalt strike or Metasploit upload a beacon/payload and start listening from them. Just throw that rat away it will get you exposed
These two offer mimikatz & hashdump you can use them to infect other machines
I would recommend Metasploit, you won't need to set up a server. Just port forwarding
I also recommend taking the conti training cource its leaked on github ig
Последнее редактирование:
I almost forgot you need a good pc to try attacks on since you need at least linux, 2 windows machines and the main machine to test with.
Basics:
1. Discover the live hosts/IPs which are connected to the network of the system you got access to. You can use simple tools like ipscanner/nmap or you can also code your own to get additionl details
2. Scan those live systems to find any vulnerable hosts. You must be ready with bunch of exploits. This is where CB or MSF would be of great use.
3. Once you find the vulnerable hosts, exploit them and get access over it using individual exploit or CB or MSF, etc.
4. Repeat 2 & 3 until you get what you are looking for or to compromise maximum hosts.
You should use any *inx based distro for flexibility on using any tools or adding any dependencies.
Good Luck.
1. Discover the live hosts/IPs which are connected to the network of the system you got access to. You can use simple tools like ipscanner/nmap or you can also code your own to get additionl details
2. Scan those live systems to find any vulnerable hosts. You must be ready with bunch of exploits. This is where CB or MSF would be of great use.
3. Once you find the vulnerable hosts, exploit them and get access over it using individual exploit or CB or MSF, etc.
4. Repeat 2 & 3 until you get what you are looking for or to compromise maximum hosts.
You should use any *inx based distro for flexibility on using any tools or adding any dependencies.
Good Luck.
training materials aren't available on GitHub, specially videos. only pdf are available
GitHub - ForbiddenProgrammer/conti-pentester-guide-leak: Leaked pentesting manuals given to Conti ransomware crooks
Leaked pentesting manuals given to Conti ransomware crooks - ForbiddenProgrammer/conti-pentester-guide-leak
github.com
specially designed videos. Where can you get the videos?GitHub - ForbiddenProgrammer/conti-pentester-guide-leak: Leaked pentesting manuals given to Conti ransomware crooks
Leaked pentesting manuals given to Conti ransomware crooks - ForbiddenProgrammer/conti-pentester-guide-leakgithub.com
In order to learn more
I feel like reading is more helpful here is a bunch of books I got from dread == https://drive.google.com/drive/folders/1F7D5c30nP-y_Q7SFqoRTRvJ7tl0UcY3q
and a video by the owner of cs:
and a video by the owner of cs:
Do you have working dread link?
dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion