Today we have a brand new set of labs related to AWS-2024-006 (unattend.xml Privilege Escalation)
On Wednesday, June 11, 2024, AWS released details on a vulnerability to the VMIE service, discovered by Immersive Labs and identified as AWS-2024-006. It's an insufficiently-protected credentials vulnerability in the Sysprep process, which can be exploited to gain local privilege escalation from cleartext credentials.
In this lab, you have access to a vulnerable Windows server and need to identify and extract the credentials to gain administrator-level access.
Who's it for?
- Penetration Testers
- Red Teamers
- Incident Responders
- Threat Hunters
What are the key takeaways?
- Locate and abuse cached credentials related to unattended installations
- Demonstrate how cleartext credentials can be abused by malicious actors
Cyber Pro licensed users can access the new collection here.
You can read more about the security weakness here.
Updated 6 months ago
Version 2.0
BenMcCarthy
Immerser
Immerser
