7MS #547: Tales of Pentest Pwnage - Part 43
7 Minute Security · Brian Johnson
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.
Today we're talking about tales of pentest pwnage - specifically how much fun printers can be to get Active Directory creds. TLDL: get into a printer interface, adjust the LDAP lookup IP to be your Kali box, run nc -lvp 389 on your Kali box, and then "test" the credentials via the printer interface in order to (potentially) capture an Active Directory cred!
Today we also define an achievement that's fun to unlock called DDAD: Double Domain Admin Dance.