I began the engagement by performing a full TCP and UDP port scan with Nmap to identify open services running on the target. A SYN scan was used on all TCP ports for speed and stealth, while service detection and version enumeration were enabled to gather more detailed information. In parallel, a Read more
I began by performing a full TCP and UDP port scan to enumerate available services. It looks like we are working with an Active Directory Domain Controller from the ports that are open. I was able to collect system information through an SMB null session misconfiguration, which allowed me to Read more
As always, I start off the assessment with scanning for open TCP and UDP ports. I started looking into the ActiveMQ service and did a search for version 5.15.15. This led to the CVE-2023-46604 exploit with a public RCE on GitHub. I pulled down the exploit to my attack machine Read more