7MS #400: Tales of Internal Pentest Pwnage - Part 14

7 Minute Security14 Feb 2020

7MS #400: Tales of Internal Pentest Pwnage - Part 14

Wow, happy 400th episode everybody! Also, happy SIXTH birthday to the 7MS podcast!

Today I've got a really fun tale of internal network pentest pwnage to share with you, as well as a story about a "poop-petrator." Key moments and takeaways include:

Your target network might have heavy egress filtering in place. I recommend doing full apt-get update and apt-get upgrade and grabbing all the tools you need (may I suggest my script for this?).
If the CrackMapExec --sam flag doesn't work for you, give secretsdump a try, as I ran it on an individual Win workstation and it worked like a champ!
If the latest mimikatz release doesn't rip out passwords for you, try the release from last August. For whatever reason (thanks 0xdf) for the tip!
If your procdumps of lsass appear to be small, endpoint protection might be getting in the way! You might be able to figure out what's running - and stop the service(s) - with CrackMapExec and the -x 'tasklist /v' flag.
If you need to bypass endpoint protection, don't be afraid to go deep into the Google search results. Unfortunately, I think that's all I can say about that, as vendors seem to get snippy about talking about bypasses publicly.

Has 7MS helped you in your IT and security career? Please consider buying me a coffee!

Oppdag Premium

Prøv 14 dager gratis

Episoder(715)

7MS #402: Interview with Matt Duench of Arctic Wolf

7MS #402: Interview with Matt Duench of Arctic Wolf

Today I'm joined by Matt Duench (LinkedIn / Twitter), who has a broad background in technology and security - from traveling to over 40 countries around the world working with telecom services, to his...

26 Feb 20201h 12min

7MS #401: Tales of Internal Pentest Pwnage - Part 15

7MS #401: Tales of Internal Pentest Pwnage - Part 15

It's episode 401 and we're having fun, right? Some things we cover today: The Webinar version of the DIY Pwnagotchi evening will be offered in Webinar format on Tuesday, March 10 at 10 a.m. A quic...

21 Feb 20201h 1min

7MS #399: Baby's First Password Cracking Rig

7MS #399: Baby's First Password Cracking Rig

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersec...

7 Feb 202042min

7MS #398: Securing Your Network with Raspberry Pi Sensors

7MS #398: Securing Your Network with Raspberry Pi Sensors

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersec...

30 Jan 202050min

7MS #397: OPSEC Tips for Security Consultants

7MS #397: OPSEC Tips for Security Consultants

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersec...

23 Jan 202036min

7MS #396: Tales of Internal Pentest Pwnage - Part 13

7MS #396: Tales of Internal Pentest Pwnage - Part 13

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersec...

15 Jan 202053min

7MS #395: Tales of Internal Pentest Pwnage - Part 12

7MS #395: Tales of Internal Pentest Pwnage - Part 12

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersec...

9 Jan 20201h 5min

Reklamefrie Premium-podkaster

Hør populære podkaster som Storefri med Mikkel og Herman, Ida med hjertet i hånden, Krimpodden og mye mye mer

Skap din egen podkastboble

I appen skaper du ditt eget bibliotek med favoritter, og vi gir deg også anbefalinger til podkaster du ikke kan gå glipp av.

Prøv 14 dager gratis

Dersom du er ny Podme-bruker får du 14 dager gratis prøveperiode når du oppretter abonnement

Premium

99 kr/ måned

Tilgang til alle våre Premium-podkaster
Alle podkaster fra VG, Aftenposten, BT og SA
Reklamefritt Premium-innhold
Ingen bindingstid. Avslutt når du ønsker

Prøv 14 dager gratis

Premium

129 kr/ måned

Tilgang til alle Premium-podkaster
Alle podkaster fra VG, Aftenposten, BT og SA
Reklamefritt Premium-innhold
Ingen bindingstid. Avslutt når du ønsker
En Ekstra bruker

Prøv 14 dager gratis

Populært innen Politikk og nyheter

giver-og-gjengen-vg

aftenpodden-usa

lydartikler-fra-aftenposten

fotballpodden-2

dine-penger-pengeradet

det-store-bildet

rss-gukild-johaug

hanna-de-heldige

frokostshowet-pa-p5

rss-dannet-uten-piano

grasoner-den-nye-kalde-krigen

Historiene og stemmene du vil høre

Ubegrenset tilgang til alle dine favorittpodkaster og lydbøker