7MS #638: Tales of Pentest Pwnage – Part 61
7 Minute Security23 Elo 2024

7MS #638: Tales of Pentest Pwnage – Part 61

Today we're talking pentesting – specifically some mini gems that can help you escalate local/domain/SQL privileges:

  • Check the C: drive! If you get local admin and the system itself looks boring, check root of C – might have some interesting scripts or folders with tools that have creds in them.
  • Also look at Look at Get-ScheduledTasks
  • Find ids and passwords easily in Snaffler output with this Snaffler cleaner script
  • There's a ton of gold to (potentially) be found in SQL servers – check out my notes on using PowerUpSQL to find misconfigs and agent jobs you might able to abuse!

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(722)

7MS #569: Interview with Jim Simpson of Blumira

7MS #569: Interview with Jim Simpson of Blumira

Today we're excited to share a featured interview with our new friend Jim Simpson, CEO of Blumira. Jim was in security before it was hip/cool/lucrative, working with a number of startups as well as so...

28 Huhti 202355min

7MS #568: Lets Play With the 2023 Local Administrator Password Solution!

7MS #568: Lets Play With the 2023 Local Administrator Password Solution!

Hey friends, today we're playing with the new (April 2023) version of Local Administrator Password Solution (LAPS). Now it's baked right into PowerShell and the AD Users and Tools console. It's awesom...

21 Huhti 202319min

7MS #567: How to Build an Intentionally Vulnerable SQL Server

7MS #567: How to Build an Intentionally Vulnerable SQL Server

Hey friends, today we're talking about building an intentionally vulnerable SQL server, and here are the key URLs/commands talked about in the episode: Download SQL Server here Install SQL via con...

14 Huhti 202339min

7MS #566: Tales of Pentest Pwnage - Part 47

7MS #566: Tales of Pentest Pwnage - Part 47

Ok, I know we say this every time, but it is true this time yet again: this is our favorite tale of pentest pwnage. It involves a path to DA we've never tried before, and introduced us to a new trick ...

31 Maalis 202354min

7MS #565: How to Simulate Ransomware with a Monkey

7MS #565: How to Simulate Ransomware with a Monkey

Hey friends, today we talk through how to simulate ransomware (in a test environment!) using Infection Monkey. It's a cool way to show your team and execs just how quick and deadly an infection can be...

24 Maalis 202327min

7MS #564: First Impressions of OVHcloud Hosted vCenter

7MS #564: First Impressions of OVHcloud Hosted vCenter

Today we offer you some first impressions of OVHcloud and how we're seriously considering moving our Light Pentest LITE training class to it! TLDR: It runs on vCenter, my first and only virtualizati...

17 Maalis 202343min

7MS #563: Cracking and Mapping and Execing with CrackMapExec - Part 2

7MS #563: Cracking and Mapping and Execing with CrackMapExec - Part 2

Hey friends, today we're covering part 2 of our series all about cracking and mapping and execing with CrackMapExec. Specifically we cover: # Enumerate where your user has local admin rights: cme smb ...

10 Maalis 202335min

7MS #562: Cracking and Mapping and Execing with CrackMapExec

7MS #562: Cracking and Mapping and Execing with CrackMapExec

Hey friends, today we covered many things cracking and mapping and execing with CrackMapExec. Specifically: # General enumeration to see if your account works, and where: cme smb x.x.x.x -u username ...

3 Maalis 202340min

Suosittua kategoriassa Politiikka ja uutiset

uutiscast
aikalisa
politiikan-puskaradio
viisupodi
ootsa-kuullut-tasta-2
rss-ootsa-kuullut-tasta
tervo-halme
rss-podme-livebox
rss-asiastudio
rss-pinnalla
rss-vaalirankkurit-podcast
otetaan-yhdet
the-ulkopolitist
linda-maria
rikosmyytit
rss-kaikki-uusiksi
et-sa-noin-voi-sanoo-esittaa
lotta-paakkunainen
rss-hyvaa-huomenta-bryssel
rss-terevisio