7MS #371: Tales of Internal Pentest Pwnage - Part 4


Manage episode 237990631 series 1288763
By Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio streamed directly from their servers.

Today's episode is brought to you by ITProTV. It’s never too late to start a new career in IT or move up the ladder, and ITProTV has you covered - from CompTIA and Cisco to EC-Council and VMWare. Get over 65 hours of IT training for free by visiting https://pro.tv/7minute

Happy belated 4th of July! Today I've got another fun tale of internal pentest pwnage that comes out of a few recent assessments I did. These tests were really fun because the clients had good defensive measures in place, such as:

  • Having separate accounts for day-to-day operations and administrative/privileged tasks
  • Local Administrator account largely disabled across the enterprise
  • Lean membership in privileged groups (Domain Admins, Enterprise Admins, Schema Admins, etc.)
  • Hard-to-crack passwords!

Will I succeed in getting a solid foothold on this network and (hopefully) escalate to Domain Admin? Check out today's episode to find out!

379 episodes available. A new episode about every 6 days averaging 34 mins duration .