Vulnhub InfoSec Prep: OSCP Walkthrough

by Vince
in Blog
Hits: 1885

The description states:  "This box should be easy. This machine was created for the InfoSec Prep Discord Server as a give way for a 30d voucher to the OSCP Lab, Lab materials, and an exam attempt."

Been a while since I've written I've been focusing heavily on a class but I needed a little distraction, saw the new Vulnhub look and feel, then saw this box.  I thought maybe it would be a little more OSCP-like but I think the point was to make it accessible to a wider variety of player. 

We kick off with Nmap:

Read more

SOPlanning v1.46.01 XSS / Session Hijack

by Vince
in Blog
Hits: 1127

Disclosure Date:  07/06/2020

CVE-2020-15597

SOPlanning v1.46.01 and possibly before are affected by a persistent cross site scripting vulnerability that can be leveraged for session hijacking.  An attacker can exploit the XSS vulnerability, retrieve the session cookie from the administrator login, and take over the administrator account.

Read more

Attacking Outlook Web Access

by Vince
in Blog
Hits: 765

There was a time when almost everyone had on an on-premises Exchange Server.  Out of the box, Exchange Server isn't very secure for any number of reasons and even when you harden Active Directory, Exchange is still somewhat vulnerable.  When hosted Exchange solutions became en vogue, we started migrating everyone off of their on-prem boxes and a small weight was removed from our shoulders. 

Truth be told, I haven't attacked a hosted Exchange solution -- mostly because that's a grey area and it isn't necessary, phishing will do just fine.  But when we're talking about on-prem Exchange, we'll do a little recon and then we'll go after Outlook Web Access. 

Read more