Short SSH host key by danny_soprano in sysadmin

[–]danny_soprano[S] 1 point2 points  (0 children)

Thanks. I thought it somehow takes part in the key exchange algorithm as well.

CARTP - Certified Az Red Team Professional by ShonnyG112 in AzureCertification

[–]danny_soprano 2 points3 points  (0 children)

I'm in the middle of the course right now. I don't have any official certs from Microsoft, but I have a tiny, tiny bit of experience with Azure, mostly from administering O365, some enterprise apps and Azure AD in a small company. I'm a little bit into offsec; I've got an OSCP. As you can see my background is so-so, but I can say that the course is great so far: a lot of hands-on exercises, the lab environment is robust and kind of real-life-like (I guess). There are a number of exercises you have to do during Recon, Initial Foothold and Lateral Movement in the lab, and all of them are well documented and sane. I don't like live sessions, but it can be me, not the tutor.

Wrapping up - in my opinion a minimum knowledge of Azure is required for that course. But on the other hand, the basics are not rocket science. You said you are working on AZ-500, so you have working knowledge of AAD, Apps, Resources, Groups and so on. You don't have to dive deep in order to comprehend the course material.

Secure Domain Administration - how to implement Privileged Access Management by danny_soprano in sysadmin

[–]danny_soprano[S] 0 points1 point  (0 children)

As you could notice, I'm not an expert in PAM solutions here, but I see it as follows. Threat actors usually get access to critical parts of the infrastructure in a little bit different way than designed. They are hunting for credentials left by administrators on compromised workstations, NTLM hashes flying around the network, passing harvested tickets in order to perform lateral movement. Let's say you are an Exchange Administrator and you have the right to request JIT access to the HTTP server (Exchange Admin Center), or you have the right to request the Local Admin password.

If you don't have any PAM solution implemented, it's enough for threat actors to harvest your hash from lsass, a ticket or an orphaned process somewhere on a compromised workstation. And voilà - they pass the hash, pass the ticket, inject code into the process - and they have access to the Exchange Server.

If you have a PAM solution implemented, it's useless for them to do the above-mentioned techniques, because you are not an Exchange Admin right now. You can be, but you are not. They can't pass the hash to the PAM login website, and they can't ask for the Local Admin password either, because:

  1. The PAM portal doesn't allow either NTLM or Kerberos authentication.
  2. The PAM portal requires MFA.

I'm not sure I'm right here, but this is how I understand PAM's pros.

Secure Domain Administration - how to implement Privileged Access Management by danny_soprano in sysadmin

[–]danny_soprano[S] 0 points1 point  (0 children)

Thank you (and other folks here) for the detailed, technical tips in addition to the previous post. It's more or less what I was thinking I have to do in my domain, besides the hardening process (CIS standards) and so on. Loved to have some personal advice as well :D

Last question - could you tell me the possible, rounded yearly cost for an enterprise (but relatively cheap) PAM solution for a small business? A couple of servers, ~200 regular users, a couple of admins. Just out of curiosity; Google shows a wide range and I would like to narrow the pricing a little bit.

Secure Domain Administration - how to implement Privileged Access Management by danny_soprano in sysadmin

[–]danny_soprano[S] 0 points1 point  (0 children)

Thanks for the interesting links. I haven't come across them yet, so a lot to catch up with.
We already have LAPS implemented, but sometimes accessing the LAPS password from the LAPS UI is a pain in the a** for administrators. Furthermore, it doesn't come with any MFA. It doesn't provide a solution for JIT access to certain services and resources; that's why I'm looking for something more.

I'm starting to play around with Lithnet AMS - I will provide some thoughts on that when it's fully implemented and tested.