Kubernetes Security Review Cheat Sheet
Command reference and resources for reviewing the security posture of a Kubernetes infrastructure.
Knowledge Base for Penetration Testing
Various notes ranging from enumeration to building reverse shells for exploiting Microsoft SQL Server, MSSQL.
Adding Additional Port Forwards During Existing Session A little trick to set up further port forwards within a current SSH session is to press “<shift> <enter> ~ c” simultaneously and then supply the relevant command. Setting Up Multiple RDP Connections On the AWS box (connecting to deployed Kali): Edit the AWS instance .ssh/config to set up […]
In this blog post we will look at how to perform AS-REP roasting in two different ways, how to use hashcat to crack krbasrep5 hashes, and how to mitigate this type of attack. During Kerberos pre-authentication, a user’s NTID is used to encrypt a timestamp and then the domain controller will attempt to decrypt […]
In this post we will take a look at A LOT of tools and techniques that can be used to perform a pass-the-hash attack. First, we will dump the local SAM file hashes off our initial victim and extract the local administrator account’s hash. From there, we will use the local administrator hash to move laterally […]
Chisel is a fast TCP/UDP tunnel, transported over HTTP, and secured via SSH. It uses a single executable for establishing connections as the client or server. Chisel is written in Go (golang). It is mainly useful for passing through firewalls, though it can also be used to provide a secure endpoint into any network. Proxychains […]
RDP protocol Proxy RDP protocol using xfreerdp Proxy RDP protocol using xfreerdp and use NTLM hash to authenticate (PTH RDP) Enable Restricted Admin Mode (need admin priv)
By default, domain-joined Windows workstations allow access to the network selection UI from the lock screen. An attacker with physical access to a locked device with WiFi capabilities (such as a laptop or a workstation) can abuse this functionality to force the laptop to authenticate against a rogue access point and capture an MSCHAPv2 […]
Reconnaissance Passive External Network Reconnaissance Active External Network Reconnaissance NMAP Scanning /24 IP range with UDP and TCP scan using SMB NSE script. Recon-NG User account enumeration On web app portal Exposed services – Protocols HTTP/HTTPS SMTP DKIM / DMARC / SPF misconfiguration https://github.com/BishopFox/spoofcheck.git https://github.com/Mr-Un1k0d3r/SPFAbuse SNMP FTP SSH Databases (MySQL, MSSQL, Oracle, DB2, Postgre, MongoDB…) […]
A collection of notes and snippets for guiding an Internal Network Penetration Test. Commands, techniques, and walkthroughs of examples of weaknesses to identify.