by frank | Jun 28, 2019 | Palo Alto
Reading Time: < 1 minuteBy default the encryption method is a MD5 Salt encryption. (Same as old Linux easyily recognized by $1$AAA$BBB where AAA is the Salt and BBB is the hash).Therefor bruteforce is possible with tools like John or Hashcat (type 500).Only when it...
by frank | Jun 28, 2019 | Debug, Palo Alto
Reading Time: < 1 minuteWhen doing Credential Theft feature using the UserID information. From Uadebug files we see a lot of denied access.The following needed doing : dsmgmt.exelocal rolesadd MYDOMAIN\my_serv_user administratorsOriginal...
by frank | Jun 28, 2019 | Palo Alto
Reading Time: < 1 minuteadmin / adminconfigureset deviceconfig system ip-address 10.1.1.1 netmask 255.255.255.0 default-gateway 10.1.1.2 dns-setting servers primary 4.2.2.2commitexit show interface managementShow stats for interfaces :...
by frank | Jun 28, 2019 | Blue Team, Security, Windows
Reading Time: < 1 minuteLLMLR : Disable WPAD can be changed in Group Policy via the Services setting under ComputerConfiguration > Policies > Windows Settings > Security Settings > System Services and by disabling the WinHTTP WebProxy Auto-Discover...
by frank | Jun 25, 2019 | Linux, Security
On Linux, the issue is that if you want a process to listen to a lower port (<1024), then it needs to be run as root. You can circumvent this by running on http as a high port and redirect this high port to port 80. Example in config file : Listen 8080And...
Recent Comments