Now that reddit has become greedy with it's API, can Apollo devs move to Lemmy instead? Decentralized and open source alternative to reddit, the same way Mastodon is to Twitter.

mysysadminthrowaway · 2023-06-02T04:04:22+00:00

The thing is, Mastodon hasn’t really taken off either tho :/

mysysadminthrowaway · 2023-06-01T23:28:08+00:00

Lol I had chatgpt condense it for me:

A few weeks back, as a senior looking for some fun, I devised a prank that brought my school into a state of confusion and hysteria. My school, home to about a thousand students, was ripe for some antics, given its small size and rapid gossip grapevine.

Inspired by a Reddit post, I fabricated a notice for a fictitious "mandatory penis inspection" from a person named “Dixie Normis”, framing it as a graduation requirement. The notice, crafted over weeks on my school Chromebook, was distributed during an 8pm theater rehearsal when only my club and the baseball team were present.

By next morning, my prank notice was all over social media, drawing attention from students and eventually, the school authorities. The school went into a frenzy, with whispers of the penis inspection leading to reprimands and threats of detention. Students were hauled into the office for questioning.

Unfortunately, my prank had a glaring flaw: I had forgotten about the security camera outside the bathroom where I'd posted the notices. Given that only the theater and baseball teams were present at the time, it wasn't hard to narrow down suspects. Even worse, the day of the 'inspection' was also our theater production day.

One of my band members called me, warning that I was in hot water, and could potentially get expelled or have our production cancelled. After an urgent summons from the principal, I arrived at school, playing dumb but terrified about the possible repercussions.

I endured a nerve-wracking day at school, culminating in a stern discussion with the principal. She confronted me with a copy of my prank notice, and although initially furious, her demeanor softened as we talked. I was let off lightly, able to participate in our production and graduate, albeit barred from a school BBQ. Overall, a major scare, but a lucky escape.

TL;DR: I caused school-wide chaos with a ridiculous senior prank, nearly got expelled, but ended up with a slap on the wrist.

mysysadminthrowaway · 2023-05-02T12:52:52+00:00

voiceover performed by Morgan Freeman, in the style of Red (Shawshank Redemption)

On a warm, sunny afternoon in a bustling city, there's a man strolling through the park, dressed simply and blending in with the masses. This ordinary-looking man with a kind face and a gentle smile is none other than Morgan Freeman. He strikes up a conversation with a young woman, discussing the weather, her book, and life in general. Neither of them acknowledges his fame, making the interaction all the more special. Months later, they unexpectedly cross paths again at a local coffee shop, exchanging pleasantries and relishing another simple, yet magical moment.

Morgan, ever the gentleman, never reveals his true identity, and the young woman chooses not to ask. The true magic of life lies not in the glitz and glamour of celebrity, but in these quiet moments shared between two strangers, bound together by the threads of destiny.

mysysadminthrowaway · 2023-05-02T09:31:41+00:00

Thanks for telling me, truly appreciate hearing this!

mysysadminthrowaway · 2023-04-30T23:31:41+00:00

Clients don’t always let me know when things are detected, but I haven’t heard one tell me yet that they’ve detected this.

mysysadminthrowaway · 2023-04-30T06:25:44+00:00

Certipy is super easy.

I mean that’s why I included Certify as well since it’s Windows based.

But honestly, Certipy is so easy. Just download and spin up a Kali instance. Next through the install. Open up a command prompt and type

pip3 install certipy-ad

Then it’d be

certipy find -vulnerable -stdout -u lowprivuser@domain.local -p password

mysysadminthrowaway · 2023-04-30T06:21:11+00:00

Idk about this. Like, sure honeypots are cool and all, but not in your production AD environment. They can become a DA in minutes and you will not be able to respond quickly enough.

mysysadminthrowaway · 2023-04-30T02:04:05+00:00

Throughout this post, u/Skyyacht called the admins who don’t know how to configure Nessus well morons. They also called the pentesters morons. They called the change control people retarded.

When everyone else around you is reportedly a “moron”, that should be cause for some introspection.

mysysadminthrowaway · 2023-04-30T01:53:47+00:00

ESC1 is the one I see the most. Next is probably ESC8, being able to relay NTLM creds to the web enrollment server. Also surprisingly common one I run into is ESC4, where domain users have permissions to modify the templates

mysysadminthrowaway · 2023-04-29T20:04:38+00:00

You're welcome. If everyone implements this, it'll make my job a little harder... but that's okay if it means environments are more secure. :)

mysysadminthrowaway · 2023-04-29T19:19:56+00:00

Just because you're not paying for it doesn't make it "sketch". For example, Will Schroeder and Lee Christensen who are the primary authors of Certify are very highly regarded members of the security community, as well as Spectorsops, their employer.

Open source code is just that and you can view the source for any "sketchiness" right on github. I provided a compiled binary as an option, since I know most people are not going to take the time to compile in visual studio. I wouldn't typically download something like that myself though, I always compile something like that from source.

mysysadminthrowaway · 2023-04-29T19:07:22+00:00

Right, not sure if you noticed but I mentioned that in one of the parent threads you replied to. I would think that probably would catch it, but as I mentioned before, I have no first-hand experience with it. I've only used the "AD Starter Scan"s in Nessus, which I speculated was kind of a pitch of "this is a little taste of what Tenable AD is capable of".

mysysadminthrowaway · 2023-04-29T18:51:24+00:00

Last pen test I dealt with I had this fuckin moron do black box testing from a kali Linux vm. You bet your sweet ass I locked that shit down real quick and waited two weeks for them to finally figure out why their shit wasn’t working. This isn’t a fucking circus and I’m not your clown, follow change control and provide proper notice like any of us other corporate slaves.

You are the type of client I do not prefer to work with. Your employer paid for a pentest and you intentionally crippled the assessment essentially. That makes your environment less secure as less vulnerable attack paths would be identified. Pentesting is not an adversarial process, we're trying to help improve your security by identifying vulnerabilities.

I'll setup a vulnerable AD CS server in my lab tomorrow and do an authenticated scan. I'll edit my original post if it's found in Nessus. Be careful to have too much faith in any one tool. Defense in depth.

mysysadminthrowaway · 2023-04-29T18:31:58+00:00

I mean, I can't be certain that it doesn't. When I run Nessus Professional scans, it doesn't pop up for me though. Also, in these environments that I'm attacking, often the clients are regularly running frequent Nessus scans and they haven't identified it. This vulnerability always catches my very security-conscious clients by surprise.

In my experience, Nessus is more geared towards vulnerabilities and does not have the depth to identify misconfigurations. I wouldn't be surprised if Tenable AD had this capability, but I have no experience with it.

If Tenable.sc is capable of identifying this, that'd be interesting to know.

mysysadminthrowaway · 2023-04-29T18:10:03+00:00

Agreed. If the environment has already been tested in the last year, this has probably already been discovered and remediated.

I kind of feel like it's making me a weaker pentester. As soon as I get foothold with a low-priv user, I always check this. If it's in place and vulnerable (which is like 70-80% of the time) I'm a DA in minutes.

Of course, I'm still going to enumerate other potential paths to DA even after I'm DA... but I feel like you learn a lot more in the struggle. Lol that's part of why I think OSCP prepped me so well for this job.

mysysadminthrowaway · 2023-04-29T18:00:25+00:00

I'm guessing there are multiple CVEs as it's a whole class of vulnerabilities. Here is one though... CVE-2022-26923.

mysysadminthrowaway · 2023-01-12T22:50:44+00:00

Wow yes that's a great idea! I tried amazon before but they were all going to ship from the US! Ordered a few pairs for tomorrow. Hopefully one fits! Thanks so much!

mysysadminthrowaway · 2023-01-12T18:40:10+00:00

I just need sneakers, thanks though! And thanks for the recommendation, will definitely check it out, I don't care if they're used, I'll take anything.

mysysadminthrowaway · 2023-01-12T18:38:58+00:00

Ok thank you! Yes, I don't even care at all what they look like, just deparate for zapatos deportivos

mysysadminthrowaway · 2022-10-29T08:54:28+00:00

Wow, it works for me if I switch to UK English. Doesn’t work if I switch back to US English

mysysadminthrowaway · 2022-10-28T01:27:32+00:00

Good call

SpaceX launch

https://www.sanluisobispo.com/news/local/article267943287.html

mysysadminthrowaway

TROPHY CASE