Internal Phishing

Open a browser on Attacker Desktop, navigate to https://mail.cyberbotic.io and login with the obtained credentials.

Even though the text label says Domain\username, the username@domain format works just fine.

\

\

Access to one or more internal mailboxes opens up many possibilities. We can search for emails that may contain sensitive information such as documents, usernames and passwords; and even send emails to staff on behalf of the compromised user. We can send files and/or links that we craft ourselves, or even download a document already in an inbox, backdoor it (e.g. with a macro) and send it back to somebody.