7MS #400: Tales of Internal Pentest Pwnage - Part 14
7 Minute Security14 Feb 2020

7MS #400: Tales of Internal Pentest Pwnage - Part 14

Wow, happy 400th episode everybody! Also, happy SIXTH birthday to the 7MS podcast!

Today I've got a really fun tale of internal network pentest pwnage to share with you, as well as a story about a "poop-petrator." Key moments and takeaways include:

  • Your target network might have heavy egress filtering in place. I recommend doing full apt-get update and apt-get upgrade and grabbing all the tools you need (may I suggest my script for this?).

  • If the CrackMapExec --sam flag doesn't work for you, give secretsdump a try, as I ran it on an individual Win workstation and it worked like a champ!

  • If the latest mimikatz release doesn't rip out passwords for you, try the release from last August. For whatever reason (thanks 0xdf) for the tip!

  • If your procdumps of lsass appear to be small, endpoint protection might be getting in the way! You might be able to figure out what's running - and stop the service(s) - with CrackMapExec and the -x 'tasklist /v' flag.

  • If you need to bypass endpoint protection, don't be afraid to go deep into the Google search results. Unfortunately, I think that's all I can say about that, as vendors seem to get snippy about talking about bypasses publicly.

Has 7MS helped you in your IT and security career? Please consider buying me a coffee!

Avsnitt(715)

7MS #402: Interview with Matt Duench of Arctic Wolf

7MS #402: Interview with Matt Duench of Arctic Wolf

Today I'm joined by Matt Duench (LinkedIn / Twitter), who has a broad background in technology and security - from traveling to over 40 countries around the world working with telecom services, to his...

26 Feb 20201h 12min

7MS #401: Tales of Internal Pentest Pwnage - Part 15

7MS #401: Tales of Internal Pentest Pwnage - Part 15

It's episode 401 and we're having fun, right? Some things we cover today: The Webinar version of the DIY Pwnagotchi evening will be offered in Webinar format on Tuesday, March 10 at 10 a.m. A quic...

21 Feb 20201h 1min

7MS #399: Baby's First Password Cracking Rig

7MS #399: Baby's First Password Cracking Rig

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersec...

7 Feb 202042min

7MS #398: Securing Your Network with Raspberry Pi Sensors

7MS #398: Securing Your Network with Raspberry Pi Sensors

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersec...

30 Jan 202050min

7MS #397: OPSEC Tips for Security Consultants

7MS #397: OPSEC Tips for Security Consultants

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersec...

23 Jan 202036min

7MS #396: Tales of Internal Pentest Pwnage - Part 13

7MS #396: Tales of Internal Pentest Pwnage - Part 13

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersec...

15 Jan 202053min

7MS #395: Tales of Internal Pentest Pwnage - Part 12

7MS #395: Tales of Internal Pentest Pwnage - Part 12

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersec...

9 Jan 20201h 5min

Populärt inom Politik & nyheter

svenska-fall
p3-krim
rss-krimstad
fordomspodden
aftonbladet-krim
spar
flashback-forever
rss-sanning-konsekvens
aftonbladet-daily
rss-vad-fan-hande
motiv
rss-krimreportrarna
politiken
rss-klubbland-en-podd-mest-om-frolunda
rss-frandfors-horna
rss-aftonbladet-krim
krimmagasinet
dagens-eko
rss-flodet
blenda-2