7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
https://7ms.us/
7MS #396: Tales of Internal Pentest Pwnage - Part 13
This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.
In last week's episode I was very close to potentially synching up some very sensitive data with my super secret back door account. In this episode, we resolve the cliffhanger and talk about:
-
How I don't remember lyrics or titles to songs - even the ones I love - such as My Prerogative. That's why Jack Black is my spirit animal, and he's awesome for singing Elton John songs right to Elton John
-
If you get DA (relatively) quickly, consider pivoting to a network assessment and crack hashes with secretsdump, test egress filtering, run Network Detective and more
-
Once you've cracked all the hashes you can, run it through hashcombiner and Pipal like this:
- The procdump + lsass trick is still really effective (though sometimes AV gobbles it)
(See full show notes at 7ms.us!)