Vulnlab | Tea - Gitea CI/CD, LAPS v2, WSUS

Рет қаралды 1,674

Күн бұрын

This video is a walkthrough on Tea, a chain of vulnerable machines on Vulnlab that involves Gitea Runners, Laps Version 2 & WSUS.
[ Timestamps ]
00:00 - Intro & General Enumeration
01:36 Gitea Runners
05:30 User Shell & Local Enum
08:22 Sliver Beacon & Bloodhound
11:38 Get Laps Password
13:55 WSUS
[ Pentesting & Red Teaming Labs ]
• vulnlab.com
[ Sponsors ]
• mantodeasecurity.de/en/
[ Discord ]
• / discord
[ Desktop ]
• github.com/xct/kali-clean
• www.yuumeiart.com/
[ About ]
• vulndev.io
• / xct_de
• github.com/xct
This is purely educational content - all practical work is done in environments that allow and encourage offensive security training.

Пікірлер: 5

@lukkingrow4196 5 ай бұрын

Excelent Content and lab. those are way more Realistic than HTB boxes. Amazing Brother.

@tobeatelite 5 ай бұрын

16:05 this command you use here is adapted from the nettitude blogpost, where they've setup that command for usage with PoshC2. By running it in plain command prompt, the escaping is improper (either the quotes setup, or the &&). You can see at 16:38 that the net localgroup command ended up getting evaluated immediately in your terminal hence it wasn't passed into sharpwsus as part of the argument. This is the explanation for 18:02. I'm sharing this just for the sake of completion; as you've said ofc its not really an issue for us, we can just do multiple updates :-)