7 Minute Security12 Maalis 2020

7MS #405: Tales of Internal Pentest Pwnage - Part 16

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.

Today's episode of pentest pwnage is the (hopefully) exciting conclusion to this episode. Last we left this pentest, we ran into some excellent blue team defenses, including:

MFA on internal servers (which we bypassed)
Strong passwords
Limited vulnerable protocols (LLMNR/Netbios/etc) available to abuse for cred-capturing
Servers that were heavily firewalled off from talking SMB to just any ol' subnet nor the Interwebs (here's a great video on how to fine-tune your software firewall chops)

In today's episode we talk about:

How maybe it's not a good idea to make computer go completely "shields down" during pentests
Being careful not to fat-finger anything when you spawn cmd.exe with creds, like

runas /netonly /user:samplecompany\billybob "C:\windows\system32\cmd.exe"

Being careful not to fat-finger anything when using CrackMapExec
How fundamental and really effective blue team controls (such as the ones mentioned above) can really make pentesting a headache!
How you should be careful when spawning shells with MultiRelay (part of Responder is it creates new services on your victim machine

Has the 7MS podcast helped you in your IT and security career? Please consider supporting us!

Kokeile Premiumia

Nauti 14 päivää ilmaiseksi

Tilaa Premium

Jaksot(719)

7MS #382: Tales of Internal Network Pentest Pwnage - Part 9

Today's episode is brought to you by ITProTV. It's never too late to start a new career in IT or move up the ladder, and ITProTV has you covered - from CompTIA and Cisco to EC-Council and VMWare. Get ...

24 Syys 201934min

7MS #381: DIY $500 Pentesting Lab Deployment Tips

For Windows VMs Take a snapshot right after the OS is installed, as (I believe) the countdown timer for Windows evaluation mode starts upon first "real" boot. Want to quickly run Windows updates on a...

18 Syys 201938min

7MS #380: Tales of Internal Network Pentest Pwnage - Part 8

5 Syys 201928min

7MS #379: Tales of Internal Network Pentest Pwnage - Part 7

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent...

30 Elo 201943min

7MS #378: Interview with Zane West of Proficio

In today's episode, I sit down with Zane West of Proficio. Zane has been in information security for more than 20 years - starting out in the "early days" as a sysadmin and then moved up into global i...

22 Elo 201954min

7MS #377: DIY Pentest Dropbox Tips

16 Elo 201928min

7MS #376: Tales of SQL Injection Pwnage

12 Elo 201938min

7MS #375: Tales of Pentest Fail #3

I swear this program isn't turning into the Dr. Phil show, but I have to say that sharing tales of fail is extremely therapeutic for me, and based on your comments, it sounds like many of you feel the...

2 Elo 201940min

Kaikki yhdessä sovelluksessa

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi yhdessä paikassa.

Sinulle valikoitua sisältöä

Podme-sovelluksessa kokoat suosikkisi helposti omaan kirjastoosi. Saat meiltä myös kuuntelusuosituksia!

Jatka kuuntelua koska tahansa

Voit jatkaa siitä mihin jäit, myös offline-tilassa.

Premium

9,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa

Aloita 14 päivän kokeilu

Premium

13,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa
Yksi lisäkäyttäjä

Kokeile 14 päivää maksutta

Suosittua kategoriassa Politiikka ja uutiset

rss-polikulaari-pitka-kiekko-ja-muut-ts-podcastit

rss-tasta-on-kyse-ivan-puopolo-verkkouutiset

Tarinat ja äänet, joita rakastat kuunnella

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi

Lue lisää