7MS #428: Tales of Internal Network Pentest Pwnage - Part 20
7 Minute Security19 Elo 2020

7MS #428: Tales of Internal Network Pentest Pwnage - Part 20

Welcome to another fun tale of internal pentest pwnage! Today's tale includes these helpful informational tidbits:

  • My understanding is that in order for mitm6 relay attacks to work against DCs, those DCs have to have LDAPS config'd properly. Use nmap -sV -p646 name.of.domain.controller to verify this (thanks this site for the tip!)

  • PowerView is awesome when used with Find-InterestingDomainShareFile to find interesting files with the word password or sensitive or other helpful strings.

  • eavesarp helped me identify some weird hosts on weird subnets sending regular bursts of traffic to "interesting" hosts! Check out this video from Black Hills Infosec to learn more.

I've also got some personal updates for you, including:

  • House updates
  • Fighting with the man/woman upstairs
  • My worst Webinar nightmare came true
  • A socially distanced wedding singing experience

Jaksot(719)

7MS #350: Interview with Lewie Wilkinson of Pondurance

7MS #350: Interview with Lewie Wilkinson of Pondurance

Today's featured interview is with Lewie Wilkinson, senior integration engineer at Pondurance. Pondurance helps customers improve their security posture by providing a managed threat hunting and respo...

20 Helmi 20191h

7MS #349: Interview with Ameesh Divatia of Baffle

7MS #349: Interview with Ameesh Divatia of Baffle

Today's featured interview is with Ameesh Divatia, cofounder and CEO at Baffle. Baffle offers an interesting approach to data protection that they call data-centric protection, and the idea is you nee...

14 Helmi 201929min

7MS #348: Cell Phone Security for Tweenagers

7MS #348: Cell Phone Security for Tweenagers

Today's episode is brought to you by my friends at safepass.me. Safepass.me is the most efficient and cost-effective solution to prevent Active Directory users from setting a weak or compromised passw...

6 Helmi 201936min

7MS #347: Happy 5th Birthday to 7MS

7MS #347: Happy 5th Birthday to 7MS

Today's episode is brought to you by my friends at safepass.me. Safepass.me is the most efficient and cost-effective solution to prevent Active Directory users from setting a weak or compromised passw...

31 Tammi 201949min

7MS #346: Baby's First Red Team Engagement

7MS #346: Baby's First Red Team Engagement

WARNING: Today's episode is a bit of an experiment, and I hope you'll hang in there with me for it. I had the opportunity to do a week-long red team engagement, and so I recorded a little summary of t...

24 Tammi 201950min

7MS #345: Interview with Amber Boone

7MS #345: Interview with Amber Boone

Coming up on Tuesday, January 22 I'll be doing a Webinar with Netwrix called 4 Ways Your Organization Can Be Hacked. It features a Billy Madison theme and pits evil Eric Gordon against sysadmin Billy ...

16 Tammi 201922min

7MS #344: Announcing the 7MS User Group

7MS #344: Announcing the 7MS User Group

I'd like to coordially invite you to the first-ever 7MS User Group meeting, coming up Monday, January 14th at 6 p.m.! You can attend physically, virtually or both! All the info you need is in today's ...

9 Tammi 201911min

7MS #343: Interview with Dan DeCloss

7MS #343: Interview with Dan DeCloss

Psssst! Wanna come to the first ever 7MS User Group meeting? It's coming up on January 14th. You can join in person or virtually! Head here for more information! Dan DeCloss (a.k.a. wh33lhouse on Slac...

2 Tammi 20191h

Suosittua kategoriassa Politiikka ja uutiset

uutiscast
aikalisa
politiikan-puskaradio
rss-ootsa-kuullut-tasta
ootsa-kuullut-tasta-2
tervo-halme
rss-podme-livebox
aihe
viisupodi
rss-ulkopoditiikkaa
rss-asiastudio
rss-pinnalla
the-ulkopolitist
radio-antro
rss-vaalirankkurit-podcast
et-sa-noin-voi-sanoo-esittaa
rss-mina-ukkola
rss-polikulaari-pitka-kiekko-ja-muut-ts-podcastit
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
rss-girls-finish-f1rst