A walkthrough of INE's eCPPT PowerShell for Pentesters CTF lab, narrated as an attack story. Starting from SMB enumeration with guest access, the attacker discovers hardcoded credentials in a PowerShell script, uses Evil-WinRM to gain remote shell access, retrieves multiple flags, and ultimately pivots into an internal network using Metasploit's autoroute and SOCKS proxy. Key lessons include the dangers of misconfigured SMB shares, credentials stored in scripts, and the power of network pivoting once initial access is achieved.
Sort: