THE CU

 

SMB Series - Null Sessions

8/7/2021


 
Server Message Block (SMB) is a service often overlooked by new penetration testers, an unfortunate result given the valuable information and the opportunity for a quick initial foothold on a network. Do yourself a favor and don’t make this mistake as a budding hacker.

This blog will act as the first part in the SMB series to cover avenues for enumeration and paths to getting initial access, both applicable to the world of CTF boxes and to real-life penetration testing. Null sessions are one piece that pops up in CTFs consistently and in the real world every so often. Regardless, many of the techniques demonstrated here can be used alone or with a limited account.

Enjoy the blog and let me know your favorite technique to pair with a Null Session.


Virtual machine credential extraction

11/1/2020


 
A short but sweet blog post today. If you ever find yourself with local admin credentials on a server that manages VMs, such as vCenter and ESXi, think blue team. Years ago someone from work spoke about how they were able to get credentials from a virtual image by using a snapshot or a VM that was paused. This recollection inspired me to try a new technique that utilizes my relatively new forensic skills in an interesting attack.

Instead of relying on extracting registry files, assuming that is what he did, you could use Volatility on the snapshot data to extract the hashes from a target system. These hashes can then be used with any pass-the-hash technique to get a shell. I wish I could remember who used the technique and what exactly they did, but that was over 3 years ago and I am not as perfect at recollecting things as computers. Also, I am by no means the first person to do this; I just happened to be inspired by my circumstance at the time to try something new. I figured this may be useful to other folks as well.

See, short and sweet.


Cracking hashes with rules

10/4/2020


 
Hey everyone! It has been a couple of weeks since I dropped a blog, so I figured it is about time I put together a nice technical one. Today we will be discussing strategies to more effectively (and efficiently) crack different types of hashes. These techniques will apply equally to CTFs and to real-life pen testing engagements.


    Author

    Silverbits
    - Infosec Enthusiast
    - Traveler
    - Future AT Thru-Hiker
    - CTFer
    - Red and Blue Teamer
