Hi, today’s tale of pentest pwnage covers a few wins and one loss:

  1. A cool opportunity to drop Farmer “crops” to a domain admin’s desktop folder via PowerShell remote session
  2. Finding super sensitive data by dumpster-diving into a stale C:\Users\Domain-Admin profile
  3. Finding a vCenter database backup and being unable to pwn it using vcenter_saml_login

Written by: Brian Johnson

Share on socials: