PenTest – Page 2 – NetwerkLABS

Login Brute Forcing

Where to find the passwords/hashes WindowsLinuxunattend.xmlshadowsysprep.infshadow.bakSAMpassword Types of Password Attacks Dictionary attackBrute forceTraffic interceptionMan In the MiddleKey LoggingSocial engineering

Bharath Narayanasamy hydra, brute-force, ncrack

Attacking Active Directory

Understanding Kerberos Authentication

Kerberos Authentication Referenceshttps://www.youtube.com/watch?v=snGeZlDQL2Q https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-kile/b4af186e-b2ff-43f9-b18e-eedb366abf13 krbtgt account -→ KDC Service Account Ticket Details Authorization Data is Microsoft addition to Kerberos; can be manipulated to modify Group membership..etc and launch attacks. Domian Policy about Kerberos settings (default): The…

Bharath Narayanasamy

Enumeration Attacking Active Directory

PowerView Cheat Sheet

up-to-date version of PowerView: https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 New function naming schema: Verbs: Get : retrieve full raw data sets Find : ‘find’ specific data entries in a data set Add : add a new object to a destination…

Bharath Narayanasamy

Attacking Active Directory

Attacking Kerberos

Kerberos Kerberos is the default authentication service for Microsoft Windows domains. It is intended to be more "secure" than NTLM by using third party ticket authorization as well as stronger encryption. Even though NTLM has a…

Bharath Narayanasamy kerberos, AD attacks

PenTest

How to Brute Force Websites with Hydra

Bharath Narayanasamy hydra, brute-force

Enumeration

CrackMapExec Cheat Sheet

Bharath Narayanasamy crackmapexec

PenTest Privilege Escalation

Linux Privilege Escalation

Privilege escalation is all about: Collect - Enumeration, more enumeration and some more enumeration. Process - Sort through data, analyse and prioritisation. Search - Know what to search for and where to find the exploit code.…

Bharath Narayanasamy

Enumeration Cheat Sheets

LINUX 101

Linux File System PathDescription/The top-level directory is the root filesystem and contains all of the files required to boot the operating system before other filesystems are mounted as well as the files required to boot the…

Bharath Narayanasamy linux

Enumeration WebPentest

CURL

Wordpress curl -s http://blog.inlanefreight.local | grep WordPress curl -s http://blog.inlanefreight.local/ | grep themes curl -s http://blog.inlanefreight.local/ | grep plugins curl -s http://blog.inlanefreight.local/?p=1 | grep plugins

Bharath Narayanasamy

PenTest WebPentest

Attacking Drupal

Leveraging Known Vulnerabilities Over the years, Drupal core has suffered from a few serious remote code execution vulnerabilities, each dubbed Drupalgeddon. At the time of writing, there are 3 Drupalgeddon vulnerabilities in existence. CVE-2014-3704, known as Drupalgeddon,…

Bharath Narayanasamy drupal