While most of us in the world of offensive security love getting domain administrator (DA) when doing assessments. How many of you know how the issue occurs, how to defend against it and how to properly remediate it?
Tl;DR I found a misconfigured host & leveraged a few vulnerabilities to gain the final end goal of remote code execution!
IPv6 is the demon that many testers dare not touch very often as it is still not the norm or widely adopted. Don't get me wrong, it is available(it has been for
I get loads of messages on various mediums each week asking about how to get into information security & bug hunting. Queries range from how to do things through to how to get into