7MS #379: Tales of Internal Network Pentest Pwnage - Part 7
7 Minute Security30 Aug 2019

7MS #379: Tales of Internal Network Pentest Pwnage - Part 7

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!

This episode, besides talking about a man who screamed at me for not being on my cell phone, covers another tale of internal network pentest pwnage! Topics/tactics covered include:

  • Review of setting up your DIY pentest dropbox
  • Choosing the right hardware (I'm partial to this NUC)
  • Running Responder to catch creds
  • Using Eyewitness to snag screenshots of stuff discovered with nmap scanning
  • Nmap for Eternal Blue with nmap -Pn -p445 --open --max-hostgroup 3 --script smb-vuln-ms17-010 192.168.0.0/24
  • Running Sharphound to get a map of the AD environment
  • Cracking creds with Paperspace
  • When cracking, make sure to scrape the customer's public Web sites for more wordlist ideas!

Episoder(691)

7MS #3: Patch Strategies: Part 1 (audio)

7MS #3: Patch Strategies: Part 1 (audio)

In this episode I talk about some trends (and problems) we’re seeing on the patching front – specifically OS and third-party apps. Download: Episode 3: Patch Strategies: Part 1 (audio) Show notes: Most organizations have the Microsoft side of the house patched well – but the third party apps (Java/Flash/Reader/etc.)? Not so much…but that’s just…

13 Feb 20147min

7MS #2: The Importance of Logging and Alerting! (audio)

7MS #2: The Importance of Logging and Alerting! (audio)

In this episode I talk about how a client of ours learned a hard lesson: that the lack of logging/alerting makes for a pretty miserable investigation after they were breached. Download: Episode 2: The Importance of Logging and Alerting! (audio) Show notes: Public-facing terminal servers without 2FA basically have a sign on their back that…

1 Feb 20147min

7MS #1: Epic Introduction! (audio)

7MS #1: Epic Introduction! (audio)

In this episode, I talk about the inspiration behind the 7MS podcast and my vision for it going forward. (Admittedly, my ulterior motive is to use this intro episode to figure out how in the heck to get this podcast submitted and visible on iTunes :-). Download Episode 1: Epic Introduction to 7MS (MP3) I’ll…

1 Feb 20147min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
bt-dokumentar-2
aftenpodden-usa
forklart
stopp-verden
nokon-ma-ga
popradet
fotballpodden-2
det-store-bildet
dine-penger-pengeradet
hva-star-du-for
aftenbla-bla
frokostshowet-pa-p5
rss-dannet-uten-piano
e24-podden
rss-penger-polser-og-politikk
rss-ness
rss-borsmorgen-okonominyhetene
ukrainapodden