SDSanjit Dasin0anjit.hashnode.dev·Apr 8 · 9 min readHTB - AD Enumeration & Attacks - Skills Assessment Part IIScenario Overview Inlanefreight asked us to do a full internal penetration test to find and fix as many flaws as possible before a merger. We have access to an internal Parrot Linux VM, so stealth isn00
SDSanjit Dasin0anjit.hashnode.dev·Apr 8 · 5 min readHTB - AD Enumeration & Attacks - Skills Assessment Part IScenario Overview During an external penetration test, a team member exploited a file upload vulnerability on a public-facing web server and deployed a password-protected web shell in the /uploads dir00