7MS #309: Password Cracking in the Cloud - Part 2

7MS #309: Password Cracking in the Cloud - Part 2

Cracking passwords in the cloud is super fun (listen to last week's episode to learn how to build your own cracking box on the cheap at Paperspace)!

In the last couple weeks, customers have asked me about doing a password strength assessment on their Active Directory environment. I asked around and read a bunch of blogs and found a method that I think:

  • Extracts the hashes safely
  • Parses down the dump to contain only the hashes (so that if somebody popped my Paperspace cloud-crackin' box, they'd have just a list of half-cracked hashes and that's it)
  • Does the work pretty automagically

I talk about this in more detail in today's podcast, and here's the gist you can follow with all the necessary commands to get AD crackin'!

Avsnitt(695)

7MS #102: Recon-ng!

7MS #102: Recon-ng!

I'm a big fan of Recon-ng and you should be too! Check it out - and learn more about Tim Tomes, its creator - at www.lanmaster53.com. And here's the video I mentioned in the podcast - my first look at Recon-ng in action: https://www.youtube.com/watch?v=vkmNTNl6urw

15 Okt 20158min

7MS #101: OFFTOPIC-I Am Chris Farley

7MS #101: OFFTOPIC-I Am Chris Farley

The new(ish) Chris Farley documentary is fantastic - see it!

14 Okt 20157min

7MS #100: Assessment Curses Can Be Blessings

7MS #100: Assessment Curses Can Be Blessings

Ever had an assessment that you thought would be the death of you? I had one recently, but after sticking it out, it turned out to be a blessing in disguise.

9 Okt 20157min

7MS #99: How to Deliver Bad News in a Good Way

7MS #99: How to Deliver Bad News in a Good Way

Today's episode gives you some tips on how to deliver bad news in an assessment in a positive way. I think that last sentence was a grammatical nightmare.

2 Okt 20158min

7MS #98: Intro to PCI Scoping

7MS #98: Intro to PCI Scoping

So far I've focused on the technical aspects of PCI, but I'm trying to get familiar with the overall scoping questions that my tenacious QSA friends ask when they start a gap analysis. This episode shares some interesting tidbits I learned while doing some QSA "shadowing" on an assessment of a restaurant.

30 Sep 20158min

7MS #97: OFFTOPIC-Limbo

7MS #97: OFFTOPIC-Limbo

We're going off topic today and talking about video games! LIMBO for the Xbox!

25 Sep 20157min

7MS #96: How to Make Enemies During a Security Assessment

7MS #96: How to Make Enemies During a Security Assessment

Yep, we're talking about how to make ENEMIES during a security assessment today (and maybe turn them into friends).

23 Sep 20159min

7MS #95: How to Make Friends During a Security Assessment

7MS #95: How to Make Friends During a Security Assessment

When you start a security assessment with a company, not everybody's gonna be glad to see you. The IT dept and other employees may have tense shoulders, thinking that this is an Office Space situation where they're interviewing for their jobs. This episode talks about some ways you might be able to get your assessment off to a right start.

17 Sep 20157min

Populärt inom Politik & nyheter

aftonbladet-krim
motiv
p3-krim
svenska-fall
rss-krimstad
fordomspodden
rss-viva-fotboll
flashback-forever
olyckan-inifran
aftonbladet-daily
rss-sanning-konsekvens
svd-nyhetsartiklar
rss-vad-fan-hande
dagens-eko
rss-frandfors-horna
blenda-2
svd-dokumentara-berattelser-2
rss-flodet
rss-krimreportrarna
mannen-utan-spar