Oooooo, giggidy! Today is (once again) my favorite tale of pentest pwnage. I learned about a feature of PowerUpSQL that helped me find a “hidden” SQL account, and that account ended up being the key to the entire pentest! I wonder how many hidden SQL accounts I’ve missed on past pentests….SIGH! Check out the awesome BloodHound gang thread about this here.
Also, can’t get Rubeus monitor mode to capture TGTs to the registry? Try output to file instead:
rubeus monitor /interval:5 /nowrap /runfor:60 /consoleoutfile:c:\users\public\some-innocent-looking-file.log
In the tangent department, I talk about a personal music project I’m resurrecting to help my community.
정보
- 프로그램
- 주기매주 업데이트
- 발행일2024년 11월 15일 오후 5:45 UTC
- 길이54분
- 등급전체 연령 사용가