Today we have a brand new set of labs related to AWS-2024-006 (unattend.xml Privilege Escalation)
On Wednesday, June 11, 2024, AWS released details on a vulnerability to the VMIE service, discovered by Immersive Labs and identified as AWS-2024-006. It's an insufficiently-protected credentials vulnerability in the Sysprep process, which can be exploited to gain local privilege escalation from cleartext credentials.
In this lab, you have access to a vulnerable Windows server and need to identify and extract the credentials to gain administrator-level access.
Who's it for?
- Penetration Testers
- Red Teamers
- Incident Responders
- Threat Hunters
What are the key takeaways?
- Locate and abuse cached credentials related to unattended installations
- Demonstrate how cleartext credentials can be abused by malicious actors
Cyber Pro licensed users can access the new collection here.
You can read more about the security weakness here.
Updated 10 months ago
Version 2.0
BenMcCarthy
Immerser
Immerser