Challenge - Carving Disk Images

Carving disk images - The goal of this lab will be to gain Local Administrative access to the Admin Workstation via information found in a backup image. An implant was set up on the backup server to call out to the attacking machine on port 4321 every 15 seconds. It will allow direct access to it and the admin network.

Overview

Level – intermediate

Skills Needed – nt hash cracking, mounting virtual disks, enumeration of important files, remote desktop

Goal – To gain local admin access to the Admin workstation

Known Network(s) – 192.168.1.0/24, 10.10.10.8/29, 10.10.30.16/28, 10.10.50.16/28, 10.10.70.16/28, 10.10.40.8/29

Tools used – command line, Metasploit, john the ripper, diskpart, remote desktop

Courses

Cyber Challenge Range