7MS #260: PwnPro 101 - Part 2
7 Minute Security2 Juni 2017

7MS #260: PwnPro 101 - Part 2

I'm continuing to love the our PwnPro and had a chance to use it on a customer assessment this week. For the most part the setup/install was a breeze. Just had a few hiccups that the Pwnie support team straightened me out on right away.

In the episode I mention some command line tools and syntax that helped me work with the Pulse. One was using fping to sweep large subnets and accurately find live hosts:

fping -a -g 10.0.5.0/16 > blah.txt

Then, to setup the reverse shell, I just forwarded port 22 from my Ubiquiti gear to my internal Kali host, and then ran this to make the reverse connection:

ssh pwnie@localhost -p 3333

Lastly, to setup the reverse shell so you can proxy Web traffic to an alternate host/port, such as the Nessus port, setup your shell like so:

ssh pwnie@localhost -p 3333 -ND 8080

Then leave that window open and setup your Web browser so that you do a SOCKS5 proxy to localhost:8080. Finally, visit http://ip.of.your.host:XXXX. So if your Pulse was 1.2.3.4 and had Nessus running, you'd visit https://1.2.3.4:8834.

Enjoy!

Avsnitt(719)

7MS #703: Tales of Pentest Pwnage – Part 79

7MS #703: Tales of Pentest Pwnage – Part 79

Happy Thanksgiving week friends! Today we're celebrating a turkey and pie overload by sharing another fun tale of pentest pwnage! It involves using pygpoabuse to hijack a GPO and turn it into our pent...

28 Nov 202522min

7MS #702: Should You Hire AI to Run Your Next Pentest?

7MS #702: Should You Hire AI to Run Your Next Pentest?

Hello friends, in today's episode I give an audio summary of a talk I gave this week at the MN GOVIT Symposium called "Should You Hire AI to Run Your Next Pentest?"  It's not a pro-AI celebration, nor...

21 Nov 202521min

7MS #701: What I'm Working on This Week – Part 5

7MS #701: What I'm Working on This Week – Part 5

Hello friends!  This week I'm talking about what I'm working on this week, including: Preparing a talk called Should You Hire AI to Run Your Next Pentest for the Minnesota GOVIT Symposium. Playing wi...

14 Nov 202518min

7MS #700: Pretender

7MS #700: Pretender

Today is episode 700 of the 7MinSec podcast! Oh my gosh. My mom didn't think we could do it, but we did. Instead of a big blowout with huge news, giveaways and special guests, today is a pretty standa...

7 Nov 20258min

7MS #699: Pre-Travel Security Tips

7MS #699: Pre-Travel Security Tips

Today we discuss some pre-travel tips you can use before hopping on a plane to start a work/personal adventure. Tips include: Updating the family DR/BCP plan Lightening your purse/wallet Validating/t...

31 Okt 202530min

7MS #698: Baby's First ProjectDiscovery

7MS #698: Baby's First ProjectDiscovery

Today I give a quick review of the cloud version of ProjectDiscovery (not a sponsor!).

24 Okt 202524min

7MS #697: Pwning Ninja Hacker Academy – Part 4

7MS #697: Pwning Ninja Hacker Academy – Part 4

Today your pal and mine Joe "The Machine" Skeen pwn one of the two Ninja Hacker Academy domains! This pwnage included: Swiping service tickets in the name of high-priv users Dumping secrets from wmo...

18 Okt 202513min

7MS #696: Baby's First Security Ticketing System

7MS #696: Baby's First Security Ticketing System

In today's episode: I got a new podcast doodad I really like JitBit as a security ticketing system (not a sponsor) The Threat Hunting with Velociraptor 2-day training was great. Highly recommend. I...

10 Okt 202527min

Populärt inom Politik & nyheter

svenska-fall
aftonbladet-krim
p3-krim
rss-krimstad
flashback-forever
politiken
blenda-2
aftonbladet-daily
rss-sanning-konsekvens
spar
rss-vad-fan-hande
motiv
dagens-eko
grans
svd-ledarredaktionen
rss-krimreportrarna
olyckan-inifran
spotlight
rss-frandfors-horna
rss-aftonbladet-krim