HackTheBox - PivotAPI
https://youtu.be/FbTxPz_GA4o
https://youtu.be/hzsGMj9C8Nw
https://0xdf.gitlab.io/2021/11/06/htb-pivotapi.html
#htb #writeup #ad #reverse
https://youtu.be/FbTxPz_GA4o
https://youtu.be/hzsGMj9C8Nw
https://0xdf.gitlab.io/2021/11/06/htb-pivotapi.html
#htb #writeup #ad #reverse
YouTube
HackTheBox - PivotAPI
00:00 - Intro
01:00 - Start of nmap, downloading files over FTP
05:25 - The contents of all the PDF's don't really help. Using exiftool to extract authors.
08:20 - Using Kerbrute to bruteforce valid users and getting ASREP Hash. It is ETYPE 18, which hashcat…
01:00 - Start of nmap, downloading files over FTP
05:25 - The contents of all the PDF's don't really help. Using exiftool to extract authors.
08:20 - Using Kerbrute to bruteforce valid users and getting ASREP Hash. It is ETYPE 18, which hashcat…
🐚 PSAsyncShell: Asynchronous Firewall Bypass
PSAsyncShell is an Asynchronous TCP Reverse Shell written in pure PowerShell.
Unlike other reverse shells, all the communication and execution flow is done asynchronously, allowing to bypass some firewalls and some countermeasures against this kind of remote connections.
🔗 Research:
https://darkbyte.net/psasyncshell-bypasseando-firewalls-con-una-shell-tcp-asincrona/
🔗 Source:
https://github.com/JoelGMSec/PSAsyncShell
#ad #powershell #reverse #shell
PSAsyncShell is an Asynchronous TCP Reverse Shell written in pure PowerShell.
Unlike other reverse shells, all the communication and execution flow is done asynchronously, allowing to bypass some firewalls and some countermeasures against this kind of remote connections.
🔗 Research:
https://darkbyte.net/psasyncshell-bypasseando-firewalls-con-una-shell-tcp-asincrona/
🔗 Source:
https://github.com/JoelGMSec/PSAsyncShell
#ad #powershell #reverse #shell
🔥4
👾 Windows Drivers Reverse Engineering Methodology
This blog post details a methodology for reverse engineering and finding vulnerable code paths in Windows drivers.
Including a guide for setting up a lab for (the pesky) kernel debugging.
https://voidsec.com/windows-drivers-reverse-engineering-methodology/
#reverse #driver #analysis
This blog post details a methodology for reverse engineering and finding vulnerable code paths in Windows drivers.
Including a guide for setting up a lab for (the pesky) kernel debugging.
https://voidsec.com/windows-drivers-reverse-engineering-methodology/
#reverse #driver #analysis
🔥6👍4
🕳 Ngrok: SSH Reverse Tunnel Agent
Did you know that you can run ngrok without even installing ngrok? You can start tunnels via SSH without downloading an ngrok agent by running an SSH reverse tunnel command:
https://ngrok.com/docs/secure-tunnels/tunnels/ssh-reverse-tunnel-agent/
#ngrok #ssh #reverse #tunnel
Did you know that you can run ngrok without even installing ngrok? You can start tunnels via SSH without downloading an ngrok agent by running an SSH reverse tunnel command:
ssh -i ~/.ssh/id_ed25519 -R 80:localhost:80 [email protected] http
Source:https://ngrok.com/docs/secure-tunnels/tunnels/ssh-reverse-tunnel-agent/
#ngrok #ssh #reverse #tunnel
🔥12👍6