|
You are here |
securitypimp.net | ||
| | | | |
0xdf.gitlab.io
|
|
| | | | | I loved Sizzle. It was just a really tough box that reinforced Windows concepts that I hear about from pentesters in the real world. I'll start with some SMB access, use a .scf file to capture a users NetNTLM hash, and crack it to get creds. From there I can create a certificate for the user and then authenticate over WinRM. I'll Kerberoast to get a second user, who is able to run the DCSync attack, leading to an admin shell. I'll have two beyond root sections, the first to show two unintended paths, and the second to exploit NTLM authentication over HTTP, and how Burp breaks it. | |
| | | | |
www.tarlogic.com
|
|
| | | | | Kerberos attacks: Kerberos brute-force, ASREPRoast, Kerberoasting, Pass the key, Pass the ticket, Silver ticket and Golden ticket explanation. | |
| | | | |
blog.ikuamike.io
|
|
| | | | | ||
| | | | |
blog.fox-it.com
|
|
| | | Fox-IT (part of NCC Group) has uncovered a large-scale exploitation campaign of Citrix NetScalers in a joint effort with the Dutch Institute of Vulnerability Disclosure (DIVD). An adversary appears to have exploited CVE-2023-3519 in an automated fashion, placing webshells on vulnerable NetScalers to gain persistent access. The adversary can execute arbitrary commands with this webshell,... | ||