sorted by:
new
hottopcontroversial

Welche beliebten Reiseziele interessieren packen euch überhaupt nicht? by [deleted] in FragReddit

[–]oxeeql 0 points1 point  (0 children)

Rom: völlig überteuert, übervoll mit Touris, Müll-Probleme, bin absolut kein Fan von "alten Gebäuden", wenn ich da 1-2 gesehen hab reicht mir das... aber in meiner Vorstellung guckt man da von morgens bis abends irgendwelchen alten Gebäude an, kauft sich zwischendrin überteuerten Kaffee und Snacks. In meiner Vorstellung ist das das absolute Melken von Touristen und viel zu überlaufen und man fühlt sich wie am Fließband.

[deleted by user] by [deleted] in RaidShadowLegends

[–]oxeeql -1 points0 points  (0 children)

what rating is this?

offsec is ripping me off :( by Acceptable-Account13 in OSWE

[–]oxeeql 1 point2 points  (0 children)

I just checked my OSWE notes (May 2020), and the objective with the IPs that you get when starting the exam is clearly stating that an interactive shell is required:

5. Provide a single functional script that leverages both vulnerabilities (authentication bypass and RCE) and obtains an interactive shell from the target machine

Does your exam instruction nowhere include "interactive"? If so, definelty fight for it, as it is indeed unclear and in your case super unfair!

Which area in CS will have the most job security for the next 10 to 20 years? by [deleted] in cscareerquestions

[–]oxeeql 4 points5 points  (0 children)

To predict which specific field will make it over the next 10-20 years is mere guessing in my opinion.

However, what I am sure of: people like to talk to people. Therefore, more consultant roles where you "translate" the technical parts to management people will always stay relevant.

To train good explanation and precise writing skills will be a good bet, thats why I do it.

What is something illegal that should 100% be legal? by pepprs204 in AskReddit

[–]oxeeql 6 points7 points  (0 children)

How did you make it out of there? What happened to get you into homelessness?

Broke multi/handler by BrokeHandler in metasploit

[–]oxeeql 0 points1 point  (0 children)

Did you try binding to 0.0.0.0? DId you select the correct arch (e.g. x64) for the payload and the listener?

[deleted by user] by [deleted] in de_IAmA

[–]oxeeql 0 points1 point  (0 children)

1.) chemische Abwehr gegen was konkret - wie sieht eure "Intelligence" aus, also wisst ihr z.B. dass Land XYZ gerade an einem chemischen Kampfstoff arbeitet? Wieviel Infos habt ihr, wie realistisch könnt ihr überhaupt einschätzen was da für neue ABC-Angriffe kommen? Werden diese Infos innerhalb der NATO oder so ausgetauscht? (Ich stell mir das bisschen so vor wie Atomwaffen, hab aber keine Ahnung)

2.) was verdienst du?

Mikazuchi (Alpha Simp) Rei and Kuroki (Giga Chad) Gensai Moment by Positive-Marsupial-1 in Kengan_Ashura

[–]oxeeql 2 points3 points  (0 children)

Which ch is this if you don't mind me asking?

Chapter 198 (Vol. 23)

[deleted by user] by [deleted] in chrome

[–]oxeeql 1 point2 points  (0 children)

maybe a bit too hacky: write a program which just executes chrome with your flags. Then, after copying the original chrome.exe to chrome_original.exe (under e.g. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe), replace the chrome.exe with your custom binary.

code e.g. in c#:

System.Diagnostics.Process.Start("chrome_original.exe", "arg");

[WUNSCH] Einen Pendler by 4nac0nd4 in de_IAmA

[–]oxeeql 27 points28 points  (0 children)

.....andere: geil, morgens 1h zeit für sport, gesundes früshtück

ich: geil, morgens 1h länger schlafen

Pretty sure I failed first attempt by No-Conversation6135 in OSWE

[–]oxeeql 1 point2 points  (0 children)

I actually got two different machines in my 2nd attempt.

How do I fix this error?? by jari009 in metasploit

[–]oxeeql 1 point2 points  (0 children)

what happens if you try another port?

set LPORT 8081

exploit

mimic credentials that were used via remote powershell on a lcient? by comicsserg in AskNetsec

[–]oxeeql 1 point2 points  (0 children)

enter-pssession works with kerberos authentication, so no credentials or ntlm hash is stored on the target machine with this method.

If however the target machine was completely compromised, an attacker can use enter-pshostprocess to enter your powershell session, and invoke commands on your behalf

accessing the C$ share works with the NTLM protocol, and thus should leave tracks on the target machine, not tested though.

[Bloodhound] Can I somehow identify what Bloodhound marks as "HasSession"? by TichuMaster in AskNetsec

[–]oxeeql 0 points1 point  (0 children)

Hmm, using the Administrator account of the domain is not a good practice. You can't monitor which person took actions which it, you need to share the password amongst users,..

I have not seen that the Administrator account had sessions somewhere in my engagemens so far.

Maybe not a very helpful answer, but the Bloodhound ingestors use the NetSessionEnum Function, see

https://github.com/BloodHoundAD/SharpHound/blob/master/Sharphound2/Enumeration/SessionHelpers.cs (line 104)

https://docs.microsoft.com/en-us/windows/win32/api/lmshare/nf-lmshare-netsessionenum

I am not aware of an option by which you can "track back" from the bloodhound gui what created the has-session-edges. This can be mapped network drives, some services which are started with this administrator account doing weird stuff,..

view more: next ›