7MS #693: Pwning Ninja Hacker Academy – Part 3
7 Minute Security19 Syys 2025

7MS #693: Pwning Ninja Hacker Academy – Part 3

This week your pal and mine Joe "The Machine" Skeen kept picking away at pwning Ninja Hacker Academy. To review where we've been in parts 1 and 2:

  • We found a SQL injection on a box called SQL, got a privileged Sliver beacon on it, and dumped mimikatz info
  • From that dump, we used the SQL box hash to do a BloodHound run, which revealed that we had excessive permissions over the Computers OU
  • We useddacledit.py to give ourselves too much permission on the Computers OU

Today we:

  • Did an RBCD attack against the WEB box
  • Requested a service ticket to give us local admin superpowers on WEB
  • Performed a secretsdump against WEB
  • Struggled to do a mimikatz dump at the end of the episode (after we ended the stream I realized I could've just done the mimikatz dump because I had local admin access! Oh well, we'll pick things up again during part 4 next month!)

Jaksot(713)

7MS #49: OSCP – The Final Chapter – part 1! (audio)

7MS #49: OSCP – The Final Chapter – part 1! (audio)

We've arrived at the exciting two-part finale to my bloody battle with the OSCP! 7MS #49: OSCP – the final chapter – part 1! (audio)

31 Maalis 20157min

7MS #48: So I Gave My Eight Year Old a Computer (audio)

7MS #48: So I Gave My Eight Year Old a Computer (audio)

Is it a good idea to give young kids a computer to play with? Maybe. Maybe not. Tune in to today's episode and weigh in! 7MS #48: So I Gave My Eight Year Old a Computer (audio)

21 Maalis 20158min

7MS #47: Logging and Alerting RELOADED (audio)

7MS #47: Logging and Alerting RELOADED (audio)

Hey, you should log the stuff going on in your network. This episode talks about that (again). And I reference some AD-related settings that may not be enabled in your environment…stuff you might want...

17 Maalis 20157min

7MS #46: So You Want to be a Hacker? (audio)

7MS #46: So You Want to be a Hacker? (audio)

So you want to be a hacker? Cool. In this episode I toss myself under the bus and share why I used to have a really dumb perspective on what that meant, and how my view of hackers – and hacking – has ...

14 Maalis 20157min

7MS #45: OFFTOPIC – Why I Stopped Pirating Software (audio)

7MS #45: OFFTOPIC – Why I Stopped Pirating Software (audio)

Warning, this is an off topic episode! I used to pirate software. There. I admitted it. But it's funny how a letter from the Comcast legal dept. will change your mind and let you see piracy in a whole...

10 Maalis 20157min

7MS #44: OFFTOPIC – Annoying People at the YMCA (audio)

7MS #44: OFFTOPIC – Annoying People at the YMCA (audio)

Warning, this is an off topic episode! Did you know it's fun to stay at the YMCA? Did you also know it's fun to annoy annoying people at the YMCA? Listen to this episode to find out why. 7MS #44: OFFT...

7 Maalis 20157min

7MS #43: Why Web Site Vulnerability Scanners Can Ruin Your Day (audio)

7MS #43: Why Web Site Vulnerability Scanners Can Ruin Your Day (audio)

Did you know that Web site vulnerability scanners can destroy your customer sites? If not, listen to this. 7MS #43: Why Web Site Vulnerability Scanners Can Ruin Your Day (audio)

28 Helmi 20157min

7MS #42: Vulnerability Scans vs. Pentests (audio)

7MS #42: Vulnerability Scans vs. Pentests (audio)

I think everybody throws around the terms "vulnerability scans" and "pentests" and they mean completely different things from one person to the next. In this episode I try to clarify the differences a...

14 Helmi 20157min

Suosittua kategoriassa Politiikka ja uutiset

uutiscast
aikalisa
ootsa-kuullut-tasta-2
politiikan-puskaradio
rss-ootsa-kuullut-tasta
rss-vaalirankkurit-podcast
tervo-halme
viisupodi
rss-podme-livebox
et-sa-noin-voi-sanoo-esittaa
rss-asiastudio
otetaan-yhdet
rikosmyytit
the-ulkopolitist
rss-girls-finish-f1rst
rss-raha-talous-ja-politiikka
radio-antro
rss-kaikki-uusiksi
linda-maria
rss-sinivalkoinen-islam