![]() I’ve seen this a couple of times before, but never had to try and actively exploit it. One or more of the iSCSI (Internet Small Computer Systems Interface) targets on the remote host are configured not to use an authentication mechanism, potentially allowing unauthorized access to the targets. I’d never needed to exploit this before as there had always been an easier route to domain admin. Nmap’s scripting engine has a script – iscsi-info – which indicated that a number of iSCSI targets were available and required no authentication. ![]() We needed to go deeper.Ī full port scan of one host had shown that port 3260 – iSCSI – was open. Machines were patched, responder.py wasn’t delivering the goods, and no common passwords were in use. On a recent test, none of the common tricks for getting a foothold onto the Windows network were working. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |