7MS #354: Tales of Internal Pentest Pwnage - Part 2
7 Minute Security25 Mar 2019

7MS #354: Tales of Internal Pentest Pwnage - Part 2

Today's episode is the thrilling, exciting, heart-pounding conclusion of Tales of Internal Pentest Pwnage - Part 1. In this episode, we cover the final "wins" that got me to Domain Admin status (and beyond!):

  • Got DA but can't get to your final "crown jewels" destinations? How about going after the organization's backups (evil grin!)

  • Got DA but stuck to find hot leads to where the crown jewels are? Get snoopy and go through people's files, folders and...bookmark caches! (evil grin #2!)

  • If your nmap/eyewitness scan turns up Web sites with simply an IIS default landing page or "It works!" Apache page on it, there's probably more there than meets the eye.

We also talk about lessons learned from this pentest - both things done well and things the org can do to make the next pentester's job a lot harder.

Episoder(695)

7MS #86: OSWP-The Final Chapter!

7MS #86: OSWP-The Final Chapter!

This episode concludes the gripping, thrilling, exciting, awesome-ing, death-defying, unsettling, rattling series on OSWP (Offensive Security Wireless Professional). Specifically, I talk (as much as I can without getting into trouble) about the exam and give you some pointers to pass it!

18 Aug 20157min

7MS #85: What is The Penetration Testers Framework (PTF)?

7MS #85: What is The Penetration Testers Framework (PTF)?

Need an easy way to create a modular/mobile kit of pentest tools to take with you from machine to machine? And ALSO be able to update all those modules in one command? Then check out the PTF! That's what we're talkin' about on today's podcast.

14 Aug 20157min

7MS #84: DIY Pwn Pad

7MS #84: DIY Pwn Pad

Hey have you heard of Pwn Pads? They're an awesome network pentesting tool that leverages a Nexus tablet - which you can either buy right from Pwnie Express, or create your own if you have a certain model of Nexus lying around. I just happened to have the right Nexus model around, so this podcast episode chronicles my trial and error (mostly error) in making a DIY Pwn Pad! P.S. to get the Android tools installed on Ubuntu 14.04, run these commands: -- sudo add-apt-repository ppa:nilarimogard/webupd8 sudo apt-get update sudo apt-get install android-tools-adb android-tools-fastboot --

12 Aug 20157min

7MS #83: Wifi Pineapple First Impressions

7MS #83: Wifi Pineapple First Impressions

in this episode I talk about my first hands-on experience with a Wifi Pineapple, and why you'll probably want one too.

6 Aug 20158min

7MS #82: OSWP-Part 3

7MS #82: OSWP-Part 3

The OSWP series is coming to a close. One final episode today and then the four-quel episode will be all about the test!

4 Aug 20157min

7MS #81: OSWP-Part 2

7MS #81: OSWP-Part 2

A continuation of our thrilling, exciting, mind-blowing series on OSWP (Offensive Security Wireless Professional)!

30 Jul 20158min

7MS #80: OSWP-Part 1

7MS #80: OSWP-Part 1

This episode kicks off a multi-part series all about the OSWP (Offensive Security Wireless Professional) certification.

28 Jul 20157min

7MS #79.5: UPDATE(!) on My Love-Hate Relationship with Nessus

7MS #79.5: UPDATE(!) on My Love-Hate Relationship with Nessus

In episode #79 I shared some gripes about Nessus. Those gripes were quickly answered by Tenable staff/support so I wanted to pass relevant updates on to you!

27 Jul 20156min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
forklart
popradet
stopp-verden
fotballpodden-2
det-store-bildet
bt-dokumentar-2
dine-penger-pengeradet
nokon-ma-ga
frokostshowet-pa-p5
rss-dannet-uten-piano
aftenbla-bla
rss-penger-polser-og-politikk
e24-podden
rss-ness
unitedno
rss-fredrik-og-zahid-loser-ingenting
rss-borsmorgen-okonominyhetene