by The Ethical Hacking Guru | Feb 14, 2021 | Redteam
Network File System (NFS) shares are the Linux version of Windows SMB shares. These are used for Unix-based machines to share files with each other. Mounting an NFS share allows the remote client to view the files as if they were viewing them locally on the same...
by The Ethical Hacking Guru | Feb 10, 2021 | Crackmapexec, Redteam
By default wdigest is disabled on Windows 10, but not removed. You can enable it with a registry change. This is a short and sweet tutorial on how to dump Windows passwords by exploiting wdigest in a wdigest downgrade attack. I demonstrate how to exploit the...
by The Ethical Hacking Guru | Jan 9, 2021 | Blueteam, Redteam
Like Kerberoasting, ASREPRoasting is an attack that ends with offline cracking of an encrypted password hash for an account in an Active Directory domain. All it takes is an account with DONT_REQ_PREAUTH enabled. From Microsoft, the definition of this setting:...
by The Ethical Hacking Guru | Jan 9, 2021 | Blueteam, Redteam
The recent news about the SolarWinds hack that involves dozens of government agencies has brought new attention to attack against service accounts through Kerberos manipulation, known as Kerberoasting. Although this is not the only serious attack method against...
by The Ethical Hacking Guru | Jan 1, 2021 | Redteam
Sometimes to perform Windows Privilege Escalation you need to simply exploit the installed software. This is a common scenario for ethical hacking challenges. This tutorial will show you how to exploit remote connection managers, such as mRemoteNG. One of those...
by The Ethical Hacking Guru | Dec 9, 2020 | Become An Ethical Hacker, Redteam, SQLMap
While using SQLMap is not allowed on the OSCP exam, it is an ethical hacking standard and you should be very familiar with it. It is commonly used in interviews for junior penetration tester questions to weed out the wannabees. Enjoy this tutorial, how to use SQLMap...
