😈 [ cube0x0, Cube0x0 ]
A new blog post about relaying YubiKeys is up and tools have been uploaded to GitHub!
This would not have been possible without the previous work of @_EthicalChaos_ so big thanks to him
https://t.co/zfEV7RUAV5
🔗 https://cube0x0.github.io/Relaying-YubiKeys/
🐥 [ tweet ]
😈 [ an0n_r0, an0n ]
Here is why NetNTLMv1 should be disabled in prod networks ASAP. Besides cracking the hash back to NTLM (and then forging Silver Tickets) being straightforward, there is also a lesser-known but immediate relay attack path by removing the MIC and doing RBCD abuse. Demo in screenshots.
🐥 [ tweet ]
😈 [ aniqfakhrul, Aniq Fakhrul ]
Thanks for the detailed poc! You can also do this without password by relaying ms-efsrpc to target computer, store the socks session and use it with printerbug
🐥 [ tweet ][ quote ]
😈 [ alukatsky, Alexey Lukatsky ]
The recent high-profile breaches (Uber, Okta, Microsoft, LastPass, Cisco, etc.) have one thing in common: MFA bypass. Is it time to throw it on the scrap heap, or does this protective measure still have a chance at a decent existence and simply need to be used correctly? https://t.co/IRNwbbj2lU
🔗 https://lukatsky.ru/technology/vzlom-uber-cisco-i-okta-ili-ne-pora-li-vykinut-mfa-na-pomoyku.html
🐥 [ tweet ]
😈 [ gentilkiwi, 🥝🏳️🌈 Benjamin Delpy ]
Want to play with Djoin file ? Citrix SSO passwords?
A new #mimikatz 🥝release here for you!
> https://t.co/kG0WlIHOlQ
(no digital signature, OpenSource certificates are expensive😒)
🔗 https://github.com/gentilkiwi/mimikatz
🐥 [ tweet ]
😈 [ ippsec, ippsec ]
Uploaded a video on detecting Responder when it is set up to respond to LLMNR Requests. Nothing fancy, and there are tools that have done this for a long time like Respounder. However, we keep it simple with just PowerShell and a scheduled task https://t.co/0DOccIhMHF
🔗 https://youtu.be/h_cWWL-yyb0
🐥 [ tweet ]
😈 [ _choisec, Sunggwan Choi ]
New blog post:
https://t.co/68Epz4z0ke
poc Github:
https://t.co/fGbKBZjsv4
Blogged about recreating/simulating an MSI payload from the recent ASEC's blog post(https://t.co/g7KSbhg4tj) and @HuskyHacksMK 's blog post(https://t.co/F7T8DoE6ec). Learned MSI payload generation.
🔗 https://blog.sunggwanchoi.com/recreating-a-msi-payload-for-fun-and-no-profit/
🔗 https://github.com/ChoiSG/GwisinMsi
🔗 https://asec.ahnlab.com/en/37483/
🔗 https://notes.huskyhacks.dev/notes/ms-interloper-on-the-subject-of-malicious-msis
🐥 [ tweet ]
😈 [ Markak_, Zhenpeng Lin ]
I just released the #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable. Feel free to check it out at https://t.co/IUuvuoLUbX!
🔗 https://github.com/Markakd/CVE-2022-2588
🐥 [ tweet ]
😈 [ pdiscoveryio, ProjectDiscovery.io ]
A Guide to DNS Takeovers: The Misunderstood Cousin of Subdomain Takeovers by @pry0cc / @hakluke
https://t.co/E25vgmyCN4
#hackwithautomation #security #bugbounty
🔗 https://blog.projectdiscovery.io/guide-to-dns-takeovers/
🐥 [ tweet ]
👹 [ snovvcrash, sn🥶vvcr💥sh ]
I’m not a big fan of the Cyberpunk 2077 game itself but these new #Edgerunners series are surprisingly very cool and full of the classic “high tech, low life” spirit 🤤
🐥 [ tweet ]
Really top-notch, check it out
😈 [ LittleJoeTables, Moloch ]
I've collected a few community tutorials/guides/resources for Sliver, feel free to send us more!
https://t.co/FRiBbHpVWa
🔗 https://github.com/BishopFox/sliver/wiki/Community-Guides
🐥 [ tweet ]
😈 [ gregdarwin, Greg Darwin ]
Cobalt Strike 4.7.1 is live. This is a patch release to fix an issue with the sleep mask, and a vulnerability in the teamserver. Full details on the blog: https://t.co/Jug1Qg3ede
If you may want to revert back to 4.7 at some point, make a backup of your CS folder before updating.
🔗 https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-1/
🐥 [ tweet ]
😈 [ 0xdf_, 0xdf ]
Really clever unintended solution to StreamIO from @xct_de!
https://t.co/lXQCr5y1D5
🔗 https://www.youtube.com/watch?v=3utO6ys2Rhg&t=1130s
🐥 [ tweet ]
😈 [ SkelSec, SkelSec ]
My kerberoast project titled... kerberoast has been updated and now it's available on PIP and Github.
No new features, the update is necessary to support the new kerberos and auth libraries that the other libraries are using
https://t.co/NtuRqt1oV1
Thx @buherator for the headsup
🔗 https://github.com/skelsec/kerberoast
🐥 [ tweet ]
😈 [ x86matthew, x86matthew ]
Exploiting a Seagate service to create a SYSTEM shell (CVE-2022-40286)
A brief overview of reverse-engineering a Windows service to discover local privilege escalation exploits.
https://t.co/zKLvaYzryf
🔗 https://www.x86matthew.com/view_post?id=windows_seagate_lpe
🐥 [ tweet ]