7MS #638: Tales of Pentest Pwnage – Part 61
7 Minute Security23 Elo 2024

7MS #638: Tales of Pentest Pwnage – Part 61

Today we're talking pentesting – specifically some mini gems that can help you escalate local/domain/SQL privileges:

  • Check the C: drive! If you get local admin and the system itself looks boring, check root of C – might have some interesting scripts or folders with tools that have creds in them.
  • Also look at Look at Get-ScheduledTasks
  • Find ids and passwords easily in Snaffler output with this Snaffler cleaner script
  • There's a ton of gold to (potentially) be found in SQL servers – check out my notes on using PowerUpSQL to find misconfigs and agent jobs you might able to abuse!

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(721)

7MS #601: Breaking Up With Active Directory

7MS #601: Breaking Up With Active Directory

Today our pal Nate Schmitt (you may remember him from his excellent Dealing with Rejection: A DMARC Discussion Webinar) joins us to talk about breaking up with Active Directory. He covers: Why would...

11 Joulu 202327min

7MS #600: First Impressions of Using AI on Penetration Tests

7MS #600: First Impressions of Using AI on Penetration Tests

Hey friends, today I share my experience working with ChatGPT, Ollama.ai, PentestGPT and privateGPT to help me pentest Active Directory, as well as a machine called Pilgrimage from HackTheBox. Will AI...

1 Joulu 202322min

7MS #599: Baby's First Responsible Disclosure

7MS #599: Baby's First Responsible Disclosure

Today we talk about our first experience working through the responsible disclosure process after finding vulnerabilities in a security product. We cannot share a whole lot of details as of right now,...

25 Marras 202338min

7MS #598: Hacking Billy Madison - Part 4

7MS #598: Hacking Billy Madison - Part 4

Today our good buddy Paul and I keep trying to hack the VulnHub machine based on the movie Billy Madison (see part 1 and 2 and 3). In today's final chapter, Paul and I: Find Eric's secret SSH back d...

17 Marras 202324min

7MS #597: Let's JAMBOREE (Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy) with Robert McCurdy

7MS #597: Let's JAMBOREE (Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy) with Robert McCurdy

Today we had a blast talking with Robert McCurdy about JAMBOREE (Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy)! JAMBOREE allows you to quickly spin up a portable Git/Python/Java environment a...

11 Marras 202332min

7MS #596: How to Succeed in Business Without Really Crying - Part 13

7MS #596: How to Succeed in Business Without Really Crying - Part 13

After about a year break (last edition of this series was in October, 2022, we're back with an updated episode of How to Succeed in Business Without Really Crying. We cover: Why we're not planning on...

4 Marras 202331min

7MS #595: Choosing the Right XDR Strategy with Matt Warner of Blumira

7MS #595: Choosing the Right XDR Strategy with Matt Warner of Blumira

Today we're joined by Matt Warner of Blumira (remember him from episodes #551 and #529 and #507?) to talk about choosing the right XDR strategy! There's a lot to unpack here. Are EDR, MDR and XDR rela...

31 Loka 20231h 3min

7MS #594: Using PatchMyPC to Auto-Update Pentest Dropboxes

7MS #594: Using PatchMyPC to Auto-Update Pentest Dropboxes

Today we're talking about how you can use PatchMyPc to keep your home PC and/or pentest dropbox automatically updated with the latest/greatest patches!

23 Loka 202329min

Suosittua kategoriassa Politiikka ja uutiset

uutiscast
aikalisa
politiikan-puskaradio
viisupodi
ootsa-kuullut-tasta-2
rss-ootsa-kuullut-tasta
tervo-halme
rss-podme-livebox
rss-asiastudio
rss-pinnalla
rss-vaalirankkurit-podcast
otetaan-yhdet
the-ulkopolitist
linda-maria
rikosmyytit
rss-kaikki-uusiksi
et-sa-noin-voi-sanoo-esittaa
lotta-paakkunainen
rss-hyvaa-huomenta-bryssel
rss-terevisio