This box afforded me the chance to play with a docker container that allows winrm connections from linux, OOB SQLi, and Metasploit’s new evasion module.
Feel free to hit me up with any questions/comments. Thanks!
it’s not for you, all writeups about giddy til now missed that: we have port 3389 open; we can get a remote desktop for the fun.
@peek said:
it’s not for you, all writeups about giddy til now missed that: we have port 3389 open; we can get a remote desktop for the fun.
Thanks for checking out the write-up! I’ve particularly enjoyed checking out everyone else’s evasion techniques.
I actually tried to access RDP, but rdesktop complained about something (i’d have to fire up everything to see the actual error). Cursory google searches weren’t fruitful, and I wanted to avoid spinning up a windows vm, so I ignored it.
metasploit is so good.haha.I like easy useful tool.
yeah, i had also an issue with rdesktop, but before to use it, we have to change registry keys and create a user. Then I used
sudo xfreerdp /u:PEEK /p:PASSWORD /v:10.10.10.104:3389