7MS #533: Tales of Pentest Pwnage - Part 40
7 Minute Security12 Elo 2022

7MS #533: Tales of Pentest Pwnage - Part 40

Ok, ok, I know. I almost always say something like "Today is my favorite tale of pentest pwnage." And guess what? Today is my favorite tale of pentest pwnage, and I don't even know how it's going to end yet, so stay tuned to next week's (hopefully) exciting conclusion. For today, though, I've got some pentest tips to hopefully help you in your journeys of pwnage:

  • PowerHuntShares is awesome at finding SMB shares and where you have read/write permissions on them. Note there is a -Threads flag to adjust the intensity of your scan.
  • Are your mitm6 attacks not working properly - even though they look like they should? There might be seem LDAP/LDAPs protections in play. Use LdapRelayScan to verify!
  • Are you trying to abuse Active Directory Certificate Services attack ESC1 but things just don't seem to be working? Make sure the cert you are forging is properly representing the user you are trying to spoof by using Get-LdapCurrentUser.ps1. Also look at PassTheCert as another tool to abuse ADCS vulnerabilities.

Example syntax for LdapCurrentUser:

Get-LdapCurrentUser -certificate my.pfx -server my.domain.controller:636 -usessl -CertificatePassword admin

  • If you manage to get your hands on an old Active Directory backup, this PowerShell snippet will help you get a list of users from the current domain, sorted by passwordlastset. That way you can quickly find users who haven't changed their password since the AD backup:

get-aduser -filter * -server victimdomain.local -properties pwdlastset,passwordlastset,enabled | where { $_.Enabled -eq $True} | select-object samaccountname,passwordlastset | sort-object passwordlastset

Jaksot(682)

7MS #50: OSCP – The Final Chapter – part 2! (audio)

7MS #50: OSCP – The Final Chapter – part 2! (audio)

At last, the epic conclusion of the maddening, redeeming OSCP journey. 7MS #50: OSCP – The Final Chapter – part 2! (audio)

2 Huhti 20157min

7MS #49: OSCP – The Final Chapter – part 1! (audio)

7MS #49: OSCP – The Final Chapter – part 1! (audio)

We’ve arrived at the exciting two-part finale to my bloody battle with the OSCP! 7MS #49: OSCP – the final chapter – part 1! (audio)

31 Maalis 20157min

7MS #48: So I Gave My Eight Year Old a Computer (audio)

7MS #48: So I Gave My Eight Year Old a Computer (audio)

Is it a good idea to give young kids a computer to play with? Maybe. Maybe not. Tune in to today’s episode and weigh in! 7MS #48: So I Gave My Eight Year Old a Computer (audio)

21 Maalis 20158min

7MS #47: Logging and Alerting RELOADED (audio)

7MS #47: Logging and Alerting RELOADED (audio)

Hey, you should log the stuff going on in your network. This episode talks about that (again). And I reference some AD-related settings that may not be enabled in your environment…stuff you might want to turn on. Check out that information via this PDF here. 7MS #47: Logging and Alerting Reloaded (audio)

17 Maalis 20157min

7MS #46: So You Want to be a Hacker? (audio)

7MS #46: So You Want to be a Hacker? (audio)

So you want to be a hacker? Cool. In this episode I toss myself under the bus and share why I used to have a really dumb perspective on what that meant, and how my view of hackers – and hacking – has changed (and hopefully matured). 7MS #46: So You Want to be a…

14 Maalis 20157min

7MS #45: OFFTOPIC – Why I Stopped Pirating Software (audio)

7MS #45: OFFTOPIC – Why I Stopped Pirating Software (audio)

Warning, this is an off topic episode! I used to pirate software. There. I admitted it. But it’s funny how a letter from the Comcast legal dept. will change your mind and let you see piracy in a whole new light! 7MS #45: OFFTOPIC – Why I Stopped Pirating Software (audio)

10 Maalis 20157min

7MS #44: OFFTOPIC – Annoying People at the YMCA (audio)

7MS #44: OFFTOPIC – Annoying People at the YMCA (audio)

Warning, this is an off topic episode! Did you know it’s fun to stay at the YMCA? Did you also know it’s fun to annoy annoying people at the YMCA? Listen to this episode to find out why. 7MS #44: OFFTOPIC – Annoying People at the YMCA (audio)

7 Maalis 20157min

7MS #43: Why Web Site Vulnerability Scanners Can Ruin Your Day (audio)

7MS #43: Why Web Site Vulnerability Scanners Can Ruin Your Day (audio)

Did you know that Web site vulnerability scanners can destroy your customer sites? If not, listen to this. 7MS #43: Why Web Site Vulnerability Scanners Can Ruin Your Day (audio)

28 Helmi 20157min

Suosittua kategoriassa Politiikka ja uutiset

rss-podme-livebox
ootsa-kuullut-tasta-2
aikalisa
politiikan-puskaradio
otetaan-yhdet
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
rikosmyytit
aihe
rss-mina-ukkola
rss-hyvaa-huomenta-bryssel
rss-kyselytunti
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
politbyroo
the-ulkopolitist
rss-kalevi-sorsa-saation-podcast
rss-suoraan-asiaan
rss-kaikki-paskaksi-ystavat
rss-kaikki-uusiksi
rss-raha-talous-ja-politiikka