7MS #475: Tales of Internal Network Pentest Pwnage - Part 27
7 Minute Security8 Heinä 2021

7MS #475: Tales of Internal Network Pentest Pwnage - Part 27

Yeahhhhhh! Today's another fun tale of pentest pwnage, including:

  • The importance of starting your pentest with an AD account that actually has access to...ya know...stuff

  • The importance of starting your pentest plugged into a network that actually has...you know...systems connected to it!

  • This BHIS article is awesome for finding treasures in SMB shares

  • PowerUpSQL audits are a powerful way to get pwnage on a pentest - check out this presentation for some practical how-to advice

  • IPMI/BMCs often have weak creds and/or auth bypasses so don't forget to check for them. Rapid7 has a slick blog on the topic.

  • Don't forget to check for vulnerable VMWare versions because some of them have major vulnerabilities

Suosittua kategoriassa Politiikka ja uutiset

rss-podme-livebox
ootsa-kuullut-tasta-2
aikalisa
politiikan-puskaradio
otetaan-yhdet
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
rikosmyytit
aihe
rss-mina-ukkola
the-ulkopolitist
rss-hyvaa-huomenta-bryssel
rss-raha-talous-ja-politiikka
rss-kyselytunti
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
politbyroo
rss-kalevi-sorsa-saation-podcast
rss-kaikki-paskaksi-ystavat
rss-kaikki-uusiksi
rss-tyolinjalla-pekka-sauri