7MS #405: Tales of Internal Pentest Pwnage - Part 16
Mar 12, 2020 • 44 minutes
This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.
Today's episode of pentest pwnage is the (hopefully) exciting conclusion to this episode. Last we left this pentest, we ran into some excellent blue team defenses, including:
In today's episode we talk about:
How maybe it's not a good idea to make computer go completely "shields down" during pentests
Being careful not to fat-finger anything when you spawn cmd.exe with creds, like
runas /netonly /user:samplecompany\billybob "C:\windows\system32\cmd.exe"
Being careful not to fat-finger anything when using CrackMapExec
How fundamental and really effective blue team controls (such as the ones mentioned above) can really make pentesting a headache!
How you should be careful when spawning shells with MultiRelay (part of Responder is it creates new services on your victim machine
Has the 7MS podcast helped you in your IT and security career? Please consider supporting us!
Choose from the options below to listen and subscribe to 7 Minute Security in your podcast app of choice. By subscribing you will receive new episodes automatically.
Search for 7 Minute Security or copy the URL below and enter it in your podcast application.