7MS #400: Tales of Internal Pentest Pwnage - Part 14
7 Minute Security14 Feb 2020

7MS #400: Tales of Internal Pentest Pwnage - Part 14

Wow, happy 400th episode everybody! Also, happy SIXTH birthday to the 7MS podcast!

Today I've got a really fun tale of internal network pentest pwnage to share with you, as well as a story about a "poop-petrator." Key moments and takeaways include:

  • Your target network might have heavy egress filtering in place. I recommend doing full apt-get update and apt-get upgrade and grabbing all the tools you need (may I suggest my script for this?).

  • If the CrackMapExec --sam flag doesn't work for you, give secretsdump a try, as I ran it on an individual Win workstation and it worked like a champ!

  • If the latest mimikatz release doesn't rip out passwords for you, try the release from last August. For whatever reason (thanks 0xdf) for the tip!

  • If your procdumps of lsass appear to be small, endpoint protection might be getting in the way! You might be able to figure out what's running - and stop the service(s) - with CrackMapExec and the -x 'tasklist /v' flag.

  • If you need to bypass endpoint protection, don't be afraid to go deep into the Google search results. Unfortunately, I think that's all I can say about that, as vendors seem to get snippy about talking about bypasses publicly.

Has 7MS helped you in your IT and security career? Please consider buying me a coffee!

Episoder(688)

7MS #255: PwnPro 101

7MS #255: PwnPro 101

I'm kicking the tires on the PwnPro which is an all-in-one wired, wireless and Bluetooth assessment and pentesting tool. Upon getting plugged into a network, it peers with a cloud portal and lets you assess and pentest from the comfort of your jammies back at your house! Oh, and did I mention it runs Kali on the back end? Delicious. Today's episode dives into some of what I've been learning about the PwnPro as I run it through its paces at work and warm it up for our first customer assessment...

27 Apr 201710min

7MS #254: Bash Bunny

7MS #254: Bash Bunny

I've been working with the Bash Bunny for the past few weeks in preparation for a presentation/demo I'm doing in a few weeks. Today I want to talk about what the Bunny is, the cool things it can do, and some of my favorite payloads. Also, I started thinking about what conversation topics spawn from a demo of the Bunny. Specifically, I want to know how people would defend against the Bunny using AD policies, peripheral controls, etc. Check out the Hak5 thread I started about this, as it has got some great ideas.

20 Apr 201710min

7MS #253: Desperately Seeking Service Accounts

7MS #253: Desperately Seeking Service Accounts

Find the show notes here!

13 Apr 20179min

7MS #252: LAPS - Local Administrator Password Solution

7MS #252: LAPS - Local Administrator Password Solution

Show notes are here.

6 Apr 20178min

7MS #251: Blackholing Malvertising with Pi-Hole

7MS #251: Blackholing Malvertising with Pi-Hole

Show notes are here

30 Mar 201710min

7MS #250: The PBS Telethon Episode!

7MS #250: The PBS Telethon Episode!

Show notes for today's episode can be found here!

23 Mar 201710min

7MS #249: AlienVault Certified Security Engineer - Part 1

7MS #249: AlienVault Certified Security Engineer - Part 1

Show notes are here.

16 Mar 20179min

7MS #248: How to Hack the 10 O'clock News

7MS #248: How to Hack the 10 O'clock News

Show notes are here.

9 Mar 201711min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
forklart
stopp-verden
hva-star-du-for
popradet
nokon-ma-ga
fotballpodden-2
det-store-bildet
dine-penger-pengeradet
aftenbla-bla
bt-dokumentar-2
unitedno
e24-podden
rss-dannet-uten-piano
rss-ness
rss-penger-polser-og-politikk
frokostshowet-pa-p5
rss-borsmorgen-okonominyhetene