7MS #405: Tales of Internal Pentest Pwnage - Part 16
7 Minute Security12 Maalis 2020

7MS #405: Tales of Internal Pentest Pwnage - Part 16

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.

Today's episode of pentest pwnage is the (hopefully) exciting conclusion to this episode. Last we left this pentest, we ran into some excellent blue team defenses, including:

  • MFA on internal servers (which we bypassed)
  • Strong passwords
  • Limited vulnerable protocols (LLMNR/Netbios/etc) available to abuse for cred-capturing
  • Servers that were heavily firewalled off from talking SMB to just any ol' subnet nor the Interwebs (here's a great video on how to fine-tune your software firewall chops)

In today's episode we talk about:

  • How maybe it's not a good idea to make computer go completely "shields down" during pentests

  • Being careful not to fat-finger anything when you spawn cmd.exe with creds, like

runas /netonly /user:samplecompany\billybob "C:\windows\system32\cmd.exe"

  • Being careful not to fat-finger anything when using CrackMapExec

  • How fundamental and really effective blue team controls (such as the ones mentioned above) can really make pentesting a headache!

  • How you should be careful when spawning shells with MultiRelay (part of Responder is it creates new services on your victim machine

Has the 7MS podcast helped you in your IT and security career? Please consider supporting us!

Jaksot(710)

7MS #6: Fun Firewall Rules – part 2 (audio)

7MS #6: Fun Firewall Rules – part 2 (audio)

In this episode I continue talking about some basic firewall rules that many organizations don't have in place. Download: Episode 6: Fun Firewall Rules – part 2 (audio) Show notes: Limit outbound DNS ...

8 Maalis 20147min

7MS #5: Fun Firewall Rules – part 1 (audio)

7MS #5: Fun Firewall Rules – part 1 (audio)

In this episode I talk about some basic firewall rules that many organizations don't have in place. Download: Episode 5: Fun Firewall Rules – part 1 (audio) Show notes: Block outbound port TCP 25 for ...

1 Maalis 20147min

7MS #4: Patch Strategies: Part Deux (audio)

7MS #4: Patch Strategies: Part Deux (audio)

In this episode I continue talking about some dos and donts of patch strategies – this time talking about enterprise level gear. Download: Episode 4: Patch Strategies: Part Deux (audio) Show notes: Th...

22 Helmi 20146min

7MS #3: Patch Strategies: Part 1 (audio)

7MS #3: Patch Strategies: Part 1 (audio)

In this episode I talk about some trends (and problems) we're seeing on the patching front – specifically OS and third-party apps. Download: Episode 3: Patch Strategies: Part 1 (audio) Show notes: Mos...

13 Helmi 20147min

7MS #2: The Importance of Logging and Alerting! (audio)

7MS #2: The Importance of Logging and Alerting! (audio)

In this episode I talk about how a client of ours learned a hard lesson: that the lack of logging/alerting makes for a pretty miserable investigation after they were breached. Download: Episode 2: The...

1 Helmi 20147min

7MS #1: Epic Introduction! (audio)

7MS #1: Epic Introduction! (audio)

In this episode, I talk about the inspiration behind the 7MS podcast and my vision for it going forward. (Admittedly, my ulterior motive is to use this intro episode to figure out how in the heck to g...

1 Helmi 20147min

Suosittua kategoriassa Politiikka ja uutiset

aikalisa
tervo-halme
rss-ootsa-kuullut-tasta
ootsa-kuullut-tasta-2
politiikan-puskaradio
rss-vaalirankkurit-podcast
rss-podme-livebox
viisupodi
otetaan-yhdet
et-sa-noin-voi-sanoo-esittaa
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
io-techin-tekniikkapodcast
linda-maria
rikosmyytit
rss-polikulaari-humanisti-vastaa-ja-muut-ts-podcastit
rss-merja-mahkan-rahat
mtv-uutiset-polloraati
rss-aika-ankkuri
rss-kaikki-uusiksi
rss-raha-talous-ja-politiikka