Here we will perform a token impersonation. There are a few ways an adversary can access tokens of elevated accounts, such as a domain administrator. For this walk-through, we will simply use Meterpreter. Prerequisites: Domain controller with Active Directory setup. See this series, to set up your lab environment. Kali Continue Reading
Obligatory Post-OSCP Post
I have finally earned my OSCP certification, and I figured I’d update the ol’ blog with a couple thoughts of what I really think helped me out mentally. This post will not serve as a guide for specific tools, techniques, or tactics — rather to explain my mindset through out Continue Reading
LLMNR Poisoning – Part IV: Attacking
Part I: Part I: Requirements / Installing Operating SystemsPart II: Part II: Setting up Active DirectoryPart III: Part III: Joining Windows 10 to Domain, Mapping Shared Folder, & Quick Kali ConfigurationPart IV: Part IV: Attacking This is it! The final post of the series. We will not conduct our attack Continue Reading
LLMNR Poisoning – Part III: Joining Windows 10 to Domain, Mapping Shared Folder, & Quick Kali Configuration
Part I: Part I: Requirements / Installing Operating SystemsPart II: Part II: Setting up Active DirectoryPart III: Part III: Joining Windows 10 to Domain, Mapping Shared Folder, & Quick Kali ConfigurationPart IV: Part IV: Attacking Now that we’ve created a domain, a domain user, and a share, we’re going to Continue Reading
LLMNR Poisoning – Part II: Setting up Active Directory
Part I: Part I: Requirements / Installing Operating SystemsPart II: Part II: Setting up Active DirectoryPart III: Part III: Joining Windows 10 to Domain, Mapping Shared Folder, & Quick Kali ConfigurationPart IV: Part IV: Attacking Welcome back to LLMNR Poisoning. This is Part II of the series of posts providing Continue Reading
LLMNR Poisoning – Part I: Requirements / Installing Operating Systems
Part I: Part I: Requirements / Installing Operating SystemsPart II: Part II: Setting up Active DirectoryPart III: Part III: Joining Windows 10 to Domain, Mapping Shared Folder, & Quick Kali ConfigurationPart IV: Part IV: Attacking Introduction: This is part one of a series of posts I’ll be making on performing Continue Reading
Things I wish I knew before hitting up OSCP labs
First off let’s get this out of the way. I do not have my OSCP yet. I haven’t even taken the exam yet. (Scheduled, and very excited though). That being said, I completed all of the coursework and documented it, and have now rooted 32 machines. Because of this, it’s Continue Reading
BSidesSF CTF (Remote)
I am currently pursuing my OSCP, but every now and then I like to take a break and mess with my homelab or take a look at some challenges. Yesterday on a slack I participate on, someone posted a link to a BSidesSF CTF that was ongoing with their account Continue Reading
Certbot – Automatic HTTPS
This year I attended Shmoocon. Unfortunately, I could only go for the last day because I was in Jamaica for the first two days (which was pretty great). As I took a look through the list of talks, the one that stuck out to me as most interesting was “Encrypting Continue Reading
WarPi – RaspberryPi Wardriver
Backstory: During my summer “break” at college, I decided to take on a security related project. I was trying to think of something fun and semi-useful for myself, but I couldn’t think of anything interesting to do off the top of my head. As I was currently enrolled in a Continue Reading