Relevant | Nmap, smbclient, evil-winrm

Penetration Testing Challenge

a

1. nmap -A <ip>
2. smbclient -L //<ip>
3. check smb share
4. check passwords
5. evil-winrm -i <ip> -u <user> -p '<password>' check creds for smb share access
6. dir enumeration on 2nd iis, using directory-list-2.3-medium.txt
7. same names?
8. test upload
9. upload shell
10. get flag
11. escalate, printer spoof
12. get flag