[Nulled] » Information security » Social Engineering » 💬 true story from Group IB. Social Engineering.
January 20 2023

💬 true story from Group IB. Social Engineering.

💬 true story from Group IB. Social Engineering.

• Today I have prepared for you another and interesting story from Group IB, accepted reading:

• Within the framework of the Red Team project, the bank had a super task - to get access to the remote banking service segment (RBS). The iteration of redtiming was far from the first, and the customer regularly conducted more classic formats like pentests and application audits. Accordingly, the perimeter was not replete with holes. We decided to test various hypotheses, including those related to incorrectly configured Wi-Fi in the offices.

• We conducted reconnaissance in several branches, chose the most suitable one with the most interesting radio broadcast and the least serious employees. One of them bought into the legend of our specialist that he urgently needs to go into online banking with a zero mobile account balance. It is logical: to pay for the Internet, you need Internet access. The employee gave out the Wi-Fi password, the specialist poked at the phone, thanked him and left. Went, of course, to the locale!

• For horizontal promotion, we used information obtained in the process of foreign intelligence: the password of an unprivileged user from #Linux servers was not too securely stored in the personal blog of one of the DB administrators. With this account, we got SSH and found a Kerberos ticket on one of the servers — already with admin privileges.

• Promoted on the host and got Linux admin users. To our surprise, the privileges of the current user were already enough to achieve the goal.

Information

Visitors who are in the group Guests they can't download files.
Log in to the site under your login and password or if you are a new user go through the process registrations on the website.

Comments:

This publication has no comments yet. You can be the first!

Information the publication:

  • Author of the publication: web3
  • Date of publication: 20 January 2023 13:45
  • Publication category(s): Information security»,Social Engineering
  • Number of views of the publication: 191
  • Number of comments to the publication: 0

Related News

20 January 2023
Social Engineering
Social Engineering ​💬

Social Engineering ​💬 true story... 🖖🏻 Greetings to you user_name. • Today I want to share with you an interesting

Read more
20 January 2023
Social Engineering
💬 true story from Group

💬 true story from Group IB. Social Engineering. The main component of phishing is that this method of attack

Read more
20 January 2023
Social Engineering
💬 true story... Social

💬 true story... Social Engineering. • Today we are talking about social engineering, namely the hacking of the

Read more
20 January 2023
Social Engineering
💬 true story... Social

💬 true story... Social Engineering. • Technical security measures practically do not reduce the risks from attacks

Read more
20 January 2023
Social Engineering
💬 true story from Group

💬 true story from Group IB... False alarm. • Today I found for you another and interesting story from Group IB,

Read more

Information

Users of 🆅🅸🆂🅸🆃🅾🆁 are not allowed to comment this publication.

Site Search

Site Menu


☑ Websites Scripts

Calendar

«    December 2024    »
MonTueWedThuFriSatSun
 1
2345678
9101112131415
16171819202122
23242526272829
3031 

Advertisement

Survey on the website

Evaluate the work of the site
 

Statistics

  • +5 Total articles 6750
  • +16 Comments 4224
  • +32 Users : 6039