So I was recently on an internal assessment (thanks, Hexcartel) and got to do some cool tricks I felt like sharing. Behold some tricks: Dumping Lsass on Windows 10 😋 Quick and Easy So, we all know you can’t just blast Crackmapexec and attach a C2 stager and get shells raining like you could in an unpatched Windows 7 network. See my post on “How I use Koadic on Internals”.
Storytime… 🎧 So this one’s gonna be short and sweet; more of a lesson than anything. So, for those of you that don’t follow me super close, I recently went on a trip to Cancun, Mexico; it was great, in case you were wondering. Anywho, one of those days I noticed this huge kiosk that happened to be a 40-inch flatscreen touchscreen TV that listed the hotel’s special services and was there for public use.
Installing Postfix The first thing you need to do to get started is install postfix on your jump box. ⋊> /e/gophish sudo apt-get install postfix Once you have it installed you’ll need to configure the main.cf file. After making changes to your main.cf file, make sure that the service actually runs. Once you start the postfix service with sudo service postfix start, do a quick netstat and check whether port 25 is open and listening.
Overview ☔ Yea…so apparently there is very little documentation for the current build of Silent Trinity. I was in the office today and saw my boy TheTalilama figuring it out, so I decided to hop in and see how it worked. It actually does a great job against Windows 10 from what I have seen from just fooling around with it. Let’s get into how it works. Download Silent Trinity!
Backstory 📖 So…there was this one location in Vegas during Defcon 27 that had these PCs that could be used by the general public. Kiosks, as some would say…Well, I went over to them to see what all accessibility these kiosks had to offer out of general curiosity, you know, “can these let me access facebook, github, reddit” etc. type stuff. Well, to my astonishment these kiosks had an interface that wouldn’t allow me to access the C:\ drive!
Intro There’s a lot of hype around the new version of Covenant 3.0, so I figured I’d share my installation experience with the world (I need content…shhhhh…lol). My boy Wraith said it was pretty legit, so I had a quick look-see before hopping into bed. It def looks like a solid and modern framework that ups the ante for other C2 frameworks (you’ll never steal my heart from Koadic!❤).
Overview I LOVE KOADIC!! Yes, this doesn’t work out of the box against Windows 10+ machines, but if you find yourself on a network with older Windows 7 and Windows Server 2012 and below machines, Koadic will gobble the network whole and very quickly. I guess I should note that much of what I love about it is its organization and implementation of Mimikatz, which is probably the real MVP of the tool.
Job Hunting? Go Away….😤 So after you become an OSCP you expect jobs to just start raining on you after you stamp that OSCP on your resume and start sending it out. Yea….no. If you’re like me and all you have is OSCP and Hackthebox in terms of network security experience, job hunting can be absolutely excruciating. The interview process can make you feel like you know absolutely nothing; which is partially true if you were like me at the time.