7MS #475: Tales of Internal Network Pentest Pwnage - Part 27

Yeahhhhhh! Today's another fun tale of pentest pwnage, including:

The importance of starting your pentest with an AD account that actually has access to...ya know...stuff
The importance of starting your pentest plugged into a network that actually has...you know...systems connected to it!
This BHIS article is awesome for finding treasures in SMB shares
PowerUpSQL audits are a powerful way to get pwnage on a pentest - check out this presentation for some practical how-to advice
IPMI/BMCs often have weak creds and/or auth bypasses so don't forget to check for them. Rapid7 has a slick blog on the topic.
Don't forget to check for vulnerable VMWare versions because some of them have major vulnerabilities

Oppdag Premium

Prøv 14 dager gratis

Hør populære podkaster som Storefri med Mikkel og Herman, Ida med hjertet i hånden, Krimpodden og mye mye mer

I appen skaper du ditt eget bibliotek med favoritter, og vi gir deg også anbefalinger til podkaster du ikke kan gå glipp av.

Dersom du er ny Podme-bruker får du 14 dager gratis prøveperiode når du oppretter abonnement

kr 99/mnd

kr 129/mnd

Ubegrenset tilgang til alle dine favorittpodkaster