Internal Phishing

Open a browser on Attacker Desktop, navigate to https://mail.cyberbotic.io and login with the obtained credentials.

Even though the text label says Domain\username, the username@domain format works just fine.

Access to one or more internal mailboxes opens up many possibilities. We can search for emails that may contain sensitive information such as documents, usernames and passwords; and even send emails to staff on behalf of the compromised user. We can send files and/or links that we craft ourselves, or even download a document already in an inbox, backdoor it (e.g. with a macro) and send it back to somebody.

PreviousPassword Spraying NextInitial Access Payloads

Last updated 1 year ago