Null offensive hacking hands-on training.

Proposed sessions for this event:

  • Post Exploitation with Powersploit (Getting started) by Riyaz Walikar
Note: The session details including schedule are available below.

Post Exploitation with PowerSploit (Getting started)

Registrations open on June 1st at 10:00 PM and registrations close on June 4th 07:00 PM

The following 2 steps complete your registration. Both steps need to be completed.
1. Click on the Register button on this site and confirm registration on the next page
2. Answer the questions on this Google form. The champion will select a pre-determined number of participants based on the responses to the questions
https://docs.google.com/forms/d/e/1FAIpQLScK-gfvyzpuDb3uXBImWaTCpc6OJ3YNPdkLhQ-eIx4awD3erA/viewform


Only the final selected participants will be sent a confirmation email with the venue details. This email will be sent by Wednesday June 6th 8:00 PM. The selected participants are expected to complete all of the pre-requisites as mentioned below:

After registration, if you realise you cannot make it to the session, please un-register yourself using the "Cancel Registration" button so that your seat can be given to someone else.

Please read the following instructions carefully. This will enable us to have a smooth, hassle free session.

Important Dates:

  • Date of the event: 9th June 2018, Saturday
  • Timings: 9:30 AM - 6:00 PM
  • Registrations open: 1st June 10:00 PM, Friday
  • Registrations close: 4th June 07:00 PM, Monday
  • Emails to selected participants will be sent by: 6th June, 8:00 PM, Wednesday
  • Venue: Location will be shared with the selected participants via email

Introduction:

This will be a completely hands on session on getting started with Post Exploitation of Windows environments using PowerSploit. We will begin by setting up a Domain Environment, compromising a Windows developer machine using a web exploit and then moving on to doing system and post exploitation using PowerSploit.

At a bare minimum, the following topics will be covered:
1. Setting up a vulnerable lab to practice PowerSploit
2. Setting up a simple vulnerable Windows domain environment
3. Exploitation of Windows machine
4. PowerSploit
5. Possible DC compromise and credential dumping from NTDS

Hardware Pre-requisites (Mandatory)

  • A system capable of running Virtual Box. You can use VMWare but the champion will not troubleshoot any issues.
  • Atleast 8 GB of RAM
  • Atleast 30 GB of free space on any drive

Software Pre-requisites and configurations (Mandatory)

The following pre-requisites are mandatory. The class cannot start without this being completed.
- VirtualBox (Any version higher than 5.2.10). Please install this and come before the session. VMWare will not be supported.
- Kali Linux installed as a Virtual Box VM. 64 or 32 bit. You can download the virtual box pre-created image directly from https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-hyperv-image-download/ or setup a new machine using the ISO.
- Make sure PowerSploit is present in Kali
- Windows 10 Enterprise installed as a Virtual Machine https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise
- Windows Server 2016 in Desktop Experience mode as a Virtual Machine https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016
- Download and install XAMPP on the Windows 10 Enterprise Virtual machine https://www.apachefriends.org/xampp-files/5.6.34/xampp-win32-5.6.34-0-VC11-installer.exe
- Download and deploy the SQL Injection Training App on the Windows 10 VM from - https://github.com/riyazwalikar/sql-injection-training-app
- Make sure the app is setup before coming to the class. We will troubleshoot if its not working, but please try to setup on your own first.

Virtual Machines Network configurations (Mandatory)

Set the following IP addresses to the virtual machines and ensure they are able to ping each other. The network interface type would be "Host Only Adapter" in VirtualBox.
- Host laptop/desktop - 192.168.56.1
- Kali Linux - 192.168.56.10
- Windows 10 Enterprise - 192.168.56.20
- Windows Server 2016 - 192.168.56.100

Reading up before the class

Date Saturday June 09 2018
Chapter Bangalore
Registrations 55
Max Registrations Unlimited
Event Type Invite Only
Start Time 09:30 AM
End Time 06:00 PM

Session Schedule

Name Speaker Start Time End Time Resources
Post Exploitation with Powersploit (Getting started) Riyaz Walikar 09:30 AM 06:00 PM

Venue


This is an invite only event. If you are selected you will receive further information via e-mail.