πŸ““
πŸ““
πŸ““
πŸ““
Red Team Notes 2.0
Search…
πŸ““
πŸ““
πŸ““
πŸ““
Red Team Notes 2.0
Introduction
Red Team
Red Team Techniques
Initial Access
Execution
Persistence
Privilege Escalation
Defense Evasion
Credential Access
Discovery
Lateral Movement
Active Directory
Active Directory
Active Directory Attacks
Red Team Infrastructure
RED TEAM INFRASTRUCTURE
Domain Name and Categorization
Reconnaissance
Weaponization
Delivery
Situational Awareness
Credential Dumping
Persistence
Defense Evasion
Privilege Escalation
Lateral Movement
RDP
PowerShell Remoting
Powered By GitBook
RDP
Remote Desktop Protocol is a GUI interface that Microsoft has built for users when trying to access a remote workstation usually running on Port 3389, this is great for employees working in remote locations trying to access the network environment.
Usually, to jump around workstations utilizing the RDP protocol a user must have special permissions to remote onto another box with the current user's permissions, on the other hand, Administrators of a Domain (Domain Admins) Or local Administrators of the box can RDP.
The following demonstration will show the use of RDP has Lateral Movement
Attacker Box RDPs into the user’s workstation
Our enumeration says that the HelpDesk user has permission to RDP onto the Desktop-Bravo workstation from the Desktop-Alpha workstation, we will enter the credentials from the user
And we will successfully have moved from Alpha to Bravo via RDP
Previous
Lateral Movement
Next
PowerShell Remoting
Last modified 29d ago
Copy link