Blog Post

The Human Connection Blog
1 MIN READ

New Cyber Threat Intelligence Lab release!

BenMcCarthy's avatar
BenMcCarthy
Icon for Immerser rankImmerser
7 months ago

Today we have a brand new set of labs related to AWS-2024-006 (unattend.xml Privilege Escalation)

On Wednesday, June 11, 2024, AWS released details on a vulnerability to the VMIE service, discovered by Immersive Labs and identified as AWS-2024-006. It's an insufficiently-protected credentials vulnerability in the Sysprep process, which can be exploited to gain local privilege escalation from cleartext credentials.

In this lab, you have access to a vulnerable Windows server and need to identify and extract the credentials to gain administrator-level access.

Who's it for?

  • Penetration Testers
  • Red Teamers
  • Incident Responders
  • Threat Hunters

What are the key takeaways?

  • Locate and abuse cached credentials related to unattended installations
  • Demonstrate how cleartext credentials can be abused by malicious actors

 

Cyber Pro licensed users can access the new collection here.

You can read more about the security weakness here.

Updated 7 months ago
Version 2.0