laatste deel ch05
Jef Roosens
parent
fe632b6ab5
commit
54c5cb8277
|
|
@ -184,3 +184,25 @@
|
||||||
2. attacker relays authentication request messages to real server -> acts
|
2. attacker relays authentication request messages to real server -> acts
|
||||||
as authenticating client
|
as authenticating client
|
||||||
3. attacker receives authentication and returns error message to client
|
3. attacker receives authentication and returns error message to client
|
||||||
|
|
||||||
|
### Obtaining hashes
|
||||||
|
|
||||||
|
* Linux: `/etc/passwd` & `/etc/shadow`
|
||||||
|
* Windows
|
||||||
|
* Metasploit `hashdump`
|
||||||
|
* minikatz
|
||||||
|
* domain controller: Volume Shadow Copy Service (VSS) to create copy of OS
|
||||||
|
partition including password db
|
||||||
|
* requires shell access to target with system or admin
|
||||||
|
* sniff authentication challenge/responses
|
||||||
|
|
||||||
|
## Pivoting
|
||||||
|
|
||||||
|
* methods
|
||||||
|
* SSH port forwarding
|
||||||
|
* can also act as SOCKS proxy
|
||||||
|
* meterpreter
|
||||||
|
* use `route` command to route packets through open connections
|
||||||
|
* netcat
|
||||||
|
* TCP tunnel
|
||||||
|
* ...
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,8 @@
|
||||||
---
|
---
|
||||||
title: Network Security Summary
|
title: Network Security Summary
|
||||||
geometry:
|
geometry:
|
||||||
- top=30mm
|
- top=15mm
|
||||||
- left=30mm
|
- left=15mm
|
||||||
- right=30mm
|
- right=15mm
|
||||||
|
- bottom=15mm
|
||||||
---
|
---
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue