Today I decide to create the HackTheBox Meta WriteUp, is a medium machine running Linux released on 22 Jan 2022. I’ve started scanning the machine using rustscan and detect two open ports, 22 and 80 Port 22 is running SSH I move on and start scanning port 80. On port 80 we have a webserver […]
Detecting Zerologon with CrackMapExec (CVE-2020-1472)
Today I am writing about CVE-2020-1472 (ZeroLogon) and how can be detected with CrackMapExec and then exploit it using a script. If you want to learn more about this amazing tool check documentation about CrackMapExec 5.4.0. What is Zerologon? How to detect Zerologon vulnerability? How to exploit Zerologon vulnerability? How to get a shell with […]
Read More “Detecting Zerologon with CrackMapExec (CVE-2020-1472)”
Active Directory Penetration Testing: Methodology
Today I am writing about Active Directory penetration Testing methodology, this is part of my study for eCPPTv2 by eLearningSecurity. Active Directory is a service to manage corporate domains Active Directory Port Numbers Port Protocol Description 53/TCP DNS Server 88/TCP kerberos-sec 135/tcp MSRPC 139/tcp NetBIOS SSN 389/tcp LDAP 445/tcp Samba 636/tcp LDAP SSL 3389/tcp Tools […]
Read More “Active Directory Penetration Testing: Methodology”
Enumerating Active Directory: Domains
In this tutorial, we will learn steps to start our journey on Active Directory enumeration, first step is to enumerate information about the Domain. Then we will extract information about the Users, Computers, Domain Administrators, Enterprise Administrators, and network shares. Understand how to start enumerating a Domain Controller and escalate your privileges inside the network. […]
Chisel Reverse Proxy: Pivoting Networks
Welcome, today I will talk about Pivoting with Chisel Reverse Proxy, in this tutorial we will get a reverse shell from each machine on the pentester machine. I assume you already gain access to all machines and you want to keep access to all networks. In case you need to install our tool visit chisel […]
How to Install Bloodhound on Linux
How to Install Bloodhound on Linux Linux Installation
NetBios Penetration Testing Fundamentals
What is NetBios? Name service for name registration and resolution (ports: 137/udp and 137/tcp). Datagram distribution service for connectionless communication (port: 138/udp). Session service for connection-oriented communication (port: 139/tcp). Enumerate What? Enumerating SIDs Enumerating User Accounts Administrator ID Without Authentication With Authentication Microsoft Tools Dsget PsList psloggedon PsLogList PsPasswd PsShutdown NetBIOS Enumerator NetBios Exploits NetBIOS […]
Methodology Scanning Linux Hosts: Theory
Methodology To Attack a Linux Machine Ok after scanning the network we detect some Linux machines and now? What do we need to investigate in order to get root on the remote machine? First scan all 65535 TCP ports available, don’t scan them all at once. Start by scanning the most common ones then go […]
Network Scanning Methodology: Theory
Network Scanning Methodology on a Penetration testing assessment, understand how to start enumerating a network manually and using nmap. I will not talk about Windows or Linux, just networking stuff. Usually in certifications labs or executing a penetration test on a client we have defined in our scope a sub net with a specified range […]
