Podme logo
HjemOppdagKategorierSøkStudent
7MS #440: Tales of Internal Network Pentest Pwnage - Part 22

7MS #440: Tales of Internal Network Pentest Pwnage - Part 22

33:162020-11-08

Om episode

Hi! Sorry to be so late with this episode, but I'm excited to share with you another fun tale of pentest pwnage! Key points from today's episode include: We do not do these episodes to brag or put down any company about their security posture. We do do (heh, I said "do do") these episodes to share what we're learning about pentesting it helps you become a better network defender and/or offender! Early in an engagement it can be fruitful to run Pcredz to find goodies in the clear like hashes, CC numbers, SNMP traps and more! Run hashes right through the Hashes.org cracked Pwned Passwords list for more management-level impact on your efforts. Do the same with Kerberoastable accounts Once you've gotten a local or domain admin account, use CrackMapExec to dump a workstation's local hashes, then do something VERY important that I just learned this week (details in today's episode) to maybe get insta-DA!

logo

PODME

INFORMASJON

  • Om informasjonskapsler
  • Generelle vilkår
  • Personvernerklæring

LAST NED APPEN

app storegoogle play store

REGION

flag
  • sweden_flag
  • norway_flag
  • finland_flag
redaktorsansvar

Podme arbeider etter Vær Varsom-plakatens regler for god presseskikk. Ansvarlig redaktør og daglig leder er Kristin Ward Heimdal. Redaktør for eksterne innholdssamarbeid er Mathias Thaulow Lisberg.

© Podme AB 2024