7MS #650: Tales of Pentest Pwnage - Part 65
7 Minute Security15 Nov 2024

7MS #650: Tales of Pentest Pwnage - Part 65

Oooooo, giggidy! Today is (once again) my favorite tale of pentest pwnage. I learned about a feature of PowerUpSQL that helped me find a “hidden” SQL account, and that account ended up being the key to the entire pentest! I wonder how many hidden SQL accounts I’ve missed on past pentests….SIGH! Check out the awesome BloodHound gang thread about this here.

Also, can’t get Rubeus monitor mode to capture TGTs to the registry? Try output to file instead:

rubeus monitor /interval:5 /nowrap /runfor:60 /consoleoutfile:c:\users\public\some-innocent-looking-file.log

In the tangent department, I talk about a personal music project I’m resurrecting to help my community.

Episoder(682)

7MS #2: The Importance of Logging and Alerting! (audio)

7MS #2: The Importance of Logging and Alerting! (audio)

In this episode I talk about how a client of ours learned a hard lesson: that the lack of logging/alerting makes for a pretty miserable investigation after they were breached. Download: Episode 2: The Importance of Logging and Alerting! (audio) Show notes: Public-facing terminal servers without 2FA basically have a sign on their back that…

1 Feb 20147min

7MS #1: Epic Introduction! (audio)

7MS #1: Epic Introduction! (audio)

In this episode, I talk about the inspiration behind the 7MS podcast and my vision for it going forward. (Admittedly, my ulterior motive is to use this intro episode to figure out how in the heck to get this podcast submitted and visible on iTunes :-). Download Episode 1: Epic Introduction to 7MS (MP3) I’ll…

1 Feb 20147min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
forklart
stopp-verden
popradet
dine-penger-pengeradet
det-store-bildet
fotballpodden-2
nokon-ma-ga
aftenbla-bla
e24-podden
unitedno
rss-ness
rss-fredrik-og-zahid-loser-ingenting
rss-penger-polser-og-politikk
bt-dokumentar-2
oppdatert
skartveit
ukrainapodden