Zero to Hero: Episode 10 - MS17-010/EternalBlue, GPP/cPasswords, and Kerberoasting
Zero to Hero:
0:00 - Welcome
1:17 - Quick housekeeping
4:20 - Scanning our targets
10:46 - Reviewing nmap results for Blue
12:48 - Checking for MS17-010 w/ nmap
14:20 - Exploiting MS17-010 w/ Metasploit and post enumeration
25:15 - Reviewing nmap results for Active
27:50 - Extracting data w/ smbclient
32:20 - GPP/cPassword overview/exploitation
38:17 - Kerberoasting and post enumeration
Q&A / AMA:
52:00 - How old is the GPP exploit?
52:55 - Are you running Windows on VM?
53:37 - Is the OSCP still worth it for HR purposes?
54:14 - What sort of credentials to get into pentesting from military?
55:15 - Does Metasploit leave remnants?
56:40 - Errors on GetUsersSPN?
57:18 - Bug bounty hunting certs?
58:07 - Pass the Kerberos hash?
59:05 - Is it better to start on externals before internals ...
Продолжительность: | 01:32:54 |
Просмотров на youtube: | 5227 |
Youtube: https://www.youtube.com/watch?v=6rZddmB0fug
Комментарии