7MS #589: Tales of Pentest Pwnage - Part 51
7 Minute Security15 Syys 2023

7MS #589: Tales of Pentest Pwnage - Part 51

In today's tale of pentest pwnage we talk about:

  • The importance of local admin and how access to even one server might mean instant, full control over their backup or virtualization infrastructure

  • Copying files via WinRM when copying over SMB is blocked:

$sess = New-PSSession -Computername SERVER-I-HAVE-LOCAL-ADMIN-ACCESS-ON -Credential *

...then provide your creds...and then:

copy-item c:\superimportantfile.doc -destination c:\my-local-hard-drive\superimportantfile.doc -fromsession $sess
  • If you come across PowerShell code that crafts a secure string credential, you may able to decrypt the password variable with:
[System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($MyVarIWantToDecryptGoesHere))

Jaksot(681)

Suosittua kategoriassa Politiikka ja uutiset

rss-podme-livebox
ootsa-kuullut-tasta-2
aikalisa
politiikan-puskaradio
otetaan-yhdet
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
rikosmyytit
aihe
rss-mina-ukkola
rss-raha-talous-ja-politiikka
rss-hyvaa-huomenta-bryssel
rss-kyselytunti
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
politbyroo
the-ulkopolitist
rss-kalevi-sorsa-saation-podcast
rss-sinivalkoinen-islam
rss-kaikki-paskaksi-ystavat
rss-kaikki-uusiksi