🖥️
Portfolio
  • About me
  • My Mission
  • License
  • Homelab
    • Server rack
      • Pictures
      • Hardware and software inventory
    • Test range
      • Malware lab
        • Remnux and Flare VM installation
      • Proxmox
        • How to backup VM's in Proxmox
      • Breach and Attack Simulation (BAS)
        • Install MITRE Caldera
        • MITRE Caldera demo
        • Install Atomic Red team
    • SIEM Architecture
      • ELK installation
      • Splunk install and configuration
      • Forwarding Sysmon logs to Splunk
      • Cribl Edge -> Cribl Stream
      • Cribl Edge -> Splunk
      • Cribl -> Amazon S3 bucket
    • Raspberry Pi
      • Cloudflare DDNS
      • OpenVPN on Raspberry Pi
      • Pi-Hole
      • Raspberry Pi project ideas
    • Privacy
  • CTF
    • Machines
      • MongoDB
      • Explosion
      • Lame
      • Preignition
      • Jerry
      • Synced
      • Appointment
      • Blue
      • Sequel
      • Netmon
    • PicoCTF
    • Exploit tool definitions
    • Cheat sheets
      • tmux
      • Linux
  • Cybersecurity
    • Purple team content
      • Detecting Discovery commands
    • Detection As Code (DAC)
      • Sigma CI/CD
      • DAC with Elastic SIEM
    • Use case repositories
    • Frameworks
    • Tools
    • Online resources
      • MITRE
      • Splunk
      • Machine Learning
      • Ethical Hacking
      • Podcasts
      • Threat Reports
      • Detection Engineering articles
  • AI/ML
    • Tools
      • D.I.A.N.A
      • Fabric
      • Run Ollama locally
      • Using Ollama & Fabric to build Sigma rules
    • Custom prompts
      • Lessons Learned
      • Create Sigma rules
  • Scripts
    • Python
      • Elastic DAC pipeline
  • Cloud projects
    • Cloud Resume Challenge - AWS
  • BOOK CLUB
    • Lists
Powered by GitBook
On this page
  1. CTF
  2. Machines

Explosion

PreviousMongoDBNextLame

Last updated 6 months ago

In this lab, we will be exposing vulnerable remote access tools on a Windows machine.

Perform a simple NMAP scan using the-sV switch.

We can try to get remote access to the target machine by running the xfreerdp remote access tool.

Use xfreerdp /v:"Enter IP" /cert:ignore /u:Administrator to attempt to gain administrator remote access to the Windows machine. When running this command, just hit enter to confirm the administrator is not configured with a password.

Once the remote desktop connection is established, you will find the flag located in the desktop folder.

References:

2MB
explosion_lab_guide.pdf
pdf