In this phase of the engagement, Inlanefreight Ltd expanded the scope to include a second internal server that is accessible to all users on the internal network. Due to its broad accessibility, this system represents a common and attractive target for attackers seeking initial access or lateral movement.
This lab focuses on identifying exposed services, information disclosure, and misconfigurations through careful footprinting and enumeration, reflecting realistic attacker reconnaissance behavior.
The scope of this lab is limited to the second internal server added to the assessment. The objective is to enumerate the system using non-intrusive techniques and determine how gathered information could be leveraged against the server itself.
To validate successful enumeration, the goal is to obtain the credentials for the user account HTB, which was created by the client for proof of access.
All testing was conducted under the same constraints: