Blog Post

The Human Connection Blog
1 MIN READ

New Cyber Threat Intelligence Lab release!

BenMcCarthy's avatar
BenMcCarthy
Icon for Immerser rankImmerser
10 months ago

Today we have a brand new set of labs related to AWS-2024-006 (unattend.xml Privilege Escalation)

On Wednesday, June 11, 2024, AWS released details on a vulnerability to the VMIE service, discovered by Immersive Labs and identified as AWS-2024-006. It's an insufficiently-protected credentials vulnerability in the Sysprep process, which can be exploited to gain local privilege escalation from cleartext credentials.

In this lab, you have access to a vulnerable Windows server and need to identify and extract the credentials to gain administrator-level access.

Who's it for?

  • Penetration Testers
  • Red Teamers
  • Incident Responders
  • Threat Hunters

What are the key takeaways?

  • Locate and abuse cached credentials related to unattended installations
  • Demonstrate how cleartext credentials can be abused by malicious actors

 

Cyber Pro licensed users can access the new collection here.

You can read more about the security weakness here.

Updated 10 months ago
Version 2.0