7MS #379: Tales of Internal Network Pentest Pwnage - Part 7
7 Minute Security30 Aug 2019

7MS #379: Tales of Internal Network Pentest Pwnage - Part 7

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!

This episode, besides talking about a man who screamed at me for not being on my cell phone, covers another tale of internal network pentest pwnage! Topics/tactics covered include:

  • Review of setting up your DIY pentest dropbox
  • Choosing the right hardware (I'm partial to this NUC)
  • Running Responder to catch creds
  • Using Eyewitness to snag screenshots of stuff discovered with nmap scanning
  • Nmap for Eternal Blue with nmap -Pn -p445 --open --max-hostgroup 3 --script smb-vuln-ms17-010 192.168.0.0/24
  • Running Sharphound to get a map of the AD environment
  • Cracking creds with Paperspace
  • When cracking, make sure to scrape the customer's public Web sites for more wordlist ideas!

Avsnitt(688)

7MS #255: PwnPro 101

7MS #255: PwnPro 101

I'm kicking the tires on the PwnPro which is an all-in-one wired, wireless and Bluetooth assessment and pentesting tool. Upon getting plugged into a network, it peers with a cloud portal and lets you assess and pentest from the comfort of your jammies back at your house! Oh, and did I mention it runs Kali on the back end? Delicious. Today's episode dives into some of what I've been learning about the PwnPro as I run it through its paces at work and warm it up for our first customer assessment...

27 Apr 201710min

7MS #254: Bash Bunny

7MS #254: Bash Bunny

I've been working with the Bash Bunny for the past few weeks in preparation for a presentation/demo I'm doing in a few weeks. Today I want to talk about what the Bunny is, the cool things it can do, and some of my favorite payloads. Also, I started thinking about what conversation topics spawn from a demo of the Bunny. Specifically, I want to know how people would defend against the Bunny using AD policies, peripheral controls, etc. Check out the Hak5 thread I started about this, as it has got some great ideas.

20 Apr 201710min

7MS #253: Desperately Seeking Service Accounts

7MS #253: Desperately Seeking Service Accounts

Find the show notes here!

13 Apr 20179min

7MS #252: LAPS - Local Administrator Password Solution

7MS #252: LAPS - Local Administrator Password Solution

Show notes are here.

6 Apr 20178min

7MS #251: Blackholing Malvertising with Pi-Hole

7MS #251: Blackholing Malvertising with Pi-Hole

Show notes are here

30 Mars 201710min

7MS #250: The PBS Telethon Episode!

7MS #250: The PBS Telethon Episode!

Show notes for today's episode can be found here!

23 Mars 201710min

7MS #249: AlienVault Certified Security Engineer - Part 1

7MS #249: AlienVault Certified Security Engineer - Part 1

Show notes are here.

16 Mars 20179min

7MS #248: How to Hack the 10 O'clock News

7MS #248: How to Hack the 10 O'clock News

Show notes are here.

9 Mars 201711min

Populärt inom Politik & nyheter

svenska-fall
p3-krim
svd-dokumentara-berattelser-2
rss-viva-fotboll
flashback-forever
rss-sanning-konsekvens
aftonbladet-daily
rss-vad-fan-hande
olyckan-inifran
motiv
dagens-eko
fordomspodden
krimmagasinet
rss-krimstad
rss-frandfors-horna
rss-krimreportrarna
svd-nyhetsartiklar
blenda-2
kungligt
svd-ledarredaktionen