7 Minute Security24 Sep 2019

7MS #382: Tales of Internal Network Pentest Pwnage - Part 9

Today's episode is brought to you by ITProTV. It's never too late to start a new career in IT or move up the ladder, and ITProTV has you covered - from CompTIA and Cisco to EC-Council and VMWare. Get over 65 hours of IT training for free by visiting https://itpro.tv/7minute.

Today's episode is about a pentest that was pretty unique for me. I got to ride shotgun and kind of be in the shadows while helping another team pwn a network.

This was an especially interesting one because the client had a lot of great security defenses in place, including:

Strong user passwords
A SIEM solution that appeared to be doing a great job

We did some looking for pwnage opportunities such as:

Systems missing EternalBlue patch
Systems missing BlueKeep patch

What got us a foot in the door was the lack of SMB signing. Check this gist to see how you can use RunFinger.py to find hosts without SMB signing, then use Impacket and Responder to listen for - and pass - high-priv hashes.

Side note: I'm working on getting a practical pentesting gist together in the vein of Penetration Testing: A Hands-On Introduction to Hacking and Hacker Playbook.

Upptäck Premium

Prova 14 dagar kostnadsfritt

Skaffa Premium

Avsnitt(720)

7MS #479: A Prelude to PwnTown

Hey friends, today we're talking about a new security training offering 7MinSec has created called Light Pentest LITE - Live Interactive Training Experience. It's a 3-day course (with each class sessi...

6 Aug 20217min

7MS #478: Password Cracking in the Cloud - Part 4

Hey friends, today we're continuing our discussion of password cracking by sharing some methodology that has helped us get a high cred yield, and some tips on taking cracked passwords from multiple so...

29 Juli 202137min

7MS #477: Cobalt Strike for Newbs

Today we're talking about Cobalt Strike for newbs - including how to get it up and running, as well as some tools that will help you generate beacons while evading EDR at the same time! Some helpful t...

21 Juli 202138min

7MS #476: Tales of Pentest Pwnage - Part 28

**STOP!** If you didn't listen to [last week's episode](https://7ms.us/7ms-475-tales-of-internal-network-pentest-pwnage-part-27/) you might want to, since this was a two-part tale of pwnage. Either wa...

16 Juli 202125min

7MS #475: Tales of Internal Network Pentest Pwnage - Part 27

Yeahhhhhh! Today's another fun tale of pentest pwnage, including: The importance of starting your pentest with an AD account that actually has access to...ya know...stuff The importance of startin...

8 Juli 202156min

7MS #474: Password Cracking in the Cloud - Part 3

Hey friends! Today we're dusting off an old mini-series about password cracking in the cloud (check out part 1 and part 2) and sharing some awesome info on building a monster of a cracking rig in AWS!...

30 Juni 202146min

7MS #473: Interview with Nikhil Mittal

Hey everybody! Today Joe and I sat down with Nikhil Mittal of Pentester Academy and Altered Security to talk about a whole slew of fun security topics: How Nikhil first got involved in Pentester Aca...

24 Juni 202151min

7MS #473: Interview with Nikhil Mittal

24 Juni 202151min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Premium

99 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill

Prova 14 dagar gratis

Premium

129 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill
Ett extra konto

Prova 14 dagar gratis

Populärt inom Politik & nyheter

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium