7MS #517: DIY Pentest Dropbox Tips - Part 6
7 Minute Security22 Huhti 2022

7MS #517: DIY Pentest Dropbox Tips - Part 6

Today we're continuing a series we haven't done in a while (click here to see the whole series) all about building and deploying pentest dropboxes for customers. Specifically, we cover:

Auto installing Splashtop
This can be done automatically by downloading your splashtop.exe install and issuing this command:

splashtop.exe prevercheck /s /i confirm_d=0,hidewindow=1,notray=0,req_perm=0,sec_opt=2

Auto installing Ninite
This can be done in a batch script like so:

agent.msi /quiet ninitepro.exe /select App1 App2 App3 /silent ninite-install-report.txt

The above command installs App1, App2 and App3 silently and logs output to a file called ninite-install-report.txt

Auto installing Uptimerobot monitoring
We do this by first creating a script called c:\uptimerobot.ps1 that makes the "phone home" call to UptimeRobot:

Start-Transcript -Path c:\heartbeat.log -Append Invoke-Webrequest https://heartbeat.uptimerobot.com/LONG-UNIQUE-STRING -UseBasicParsing Stop-Transcript

Then we install the scheduled task itself like so:

schtasks.exe /create /tn "Heartbeat" /tr "powershell -noprofile -executionpolicy bypass -file c:\uptimerobot.ps1" /rl highest /f /sc minute /mo 5 /ru "NT AUTHORITY\SYSTEM"

Jaksot(688)

7MS #40: OSCP – Part 6 (audio)

7MS #40: OSCP – Part 6 (audio)

PART SIX of a mind-bending series all about OSCP! 7MS #40: OSCP – Part 6 (audio)

31 Tammi 20157min

7MS #39: Infosec on the Disney Boat (audio)

7MS #39: Infosec on the Disney Boat (audio)

I took a Disney cruise with my family recently, and one particular aspect of the trip gave me the Big Brother heebie-jeebies. 7MS #39: Infosec on the Disney Boat (audio)

24 Tammi 20158min

7MS #38: OFFTOPIC – Health and Infosec (audio)

7MS #38: OFFTOPIC – Health and Infosec (audio)

Every once in a while I thought it would be fun to go slightly off topic and talk about other stuff I’m interested in. This episode kind of has a tech twist though. I talk about how I use my iPhone and a few apps to stay at least a little bit in shape. 7MS…

17 Tammi 20157min

7MS #37: Keimpx (audio)

7MS #37: Keimpx (audio)

Ever wanted to pass hashes a whole network at a time? Check out this episode, where I talk about one of my fav new tools called Keipmx. 7MS #37: Keimpx (audio)

10 Tammi 20157min

7MS #36: OSCP – Part 5 (audio)

7MS #36: OSCP – Part 5 (audio)

More talk about OSCP goodness. Download: 7MS #36: OSCP – Part 5 (audio)

3 Tammi 20157min

7MS #35: OSCP – Part 4 (audio)

7MS #35: OSCP – Part 4 (audio)

This is the 4th thrilling installment in our exciting series about the awesome, challenging, rage-inducing, but ultimately rewarding training and certification called OSCP. Download: 7MS #35: OSCP – Part 4 (audio)

27 Joulu 20146min

7MS #34: The Hacker Playbook (audio)

7MS #34: The Hacker Playbook (audio)

I found a great bit of reading that walks you through the “plays” of hacking – enumeration, exploitation, post-exploitation, etc. It’s a great (and affordable) book called The Hacker Playbook. Cheggitowt! Download: 7MS #34: The Hacker Playbook (audio)

14 Marras 20147min

7MS #33: ProXPN (audio)

7MS #33: ProXPN (audio)

This episode’s all about a cool product called ProXPN that I use to encrypt/anonymize my traffic for various reasons. Not a sponsored episode or anything like that, but I am a fan of this service :-). Download: 7MS #33: ProXPN (audio)

7 Marras 20147min

Suosittua kategoriassa Politiikka ja uutiset

ootsa-kuullut-tasta-2
rss-podme-livebox
aikalisa
politiikan-puskaradio
rss-ootsa-kuullut-tasta
et-sa-noin-voi-sanoo-esittaa
otetaan-yhdet
aihe
rss-vaalirankkurit-podcast
rss-sinivalkoinen-islam
rikosmyytit
the-ulkopolitist
rss-raha-talous-ja-politiikka
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
politbyroo
radio-antro
rss-mina-ukkola
rss-merja-mahkan-rahat
linda-maria
rss-kaikki-uusiksi