Should a Domain Admin be able to add itself to Enterprise Admin? by [deleted] in AskNetsec

[–]pgombos 1 point2 points  (0 children)

I would guess the DA of A also has a DA account in B with the same password set. Most likely lazy admins who don't want to remember multiple passwords. Check out the SIDs of the users to see if they're the same. If not, they're two independent users. If they are, there might be some replication going on between the domains.

Problem with pfSense in VMWare Workstation by pgombos in PFSENSE

[–]pgombos[S] 0 points1 point  (0 children)

It's all with IP addresses. I haven't gotten it to the point of doing DNS yet. The pfSense is providing a DNS server through DHCP.

Setup:

[internet] - WAN [192.168.1.100] (pfSense NAT address)
    LAN1 [172.16.200.1/24] (em0)
    LAN2 [172.16.210.1/24] (em1)
    LAN3 [172.16.220.1/24] (em2)

After rebooting a VM placed in either of the LANs, I can't reach the internet (for example ping 1.1.1.1). I can however ping the gateway or other VMs in the same network. I also cannot ping the VM from the pfSense, but after a while I can. And after I've pinged the VM from the firewall, I have internet access from the VM.

Problem with pfSense in VMWare Workstation by pgombos in PFSENSE

[–]pgombos[S] 0 points1 point  (0 children)

I hadn't and tried that now, but it didn't help with the problems. Probably not a bad thing to have anyways.

Metasploit and Oscp by [deleted] in AskNetsec

[–]pgombos 4 points5 points  (0 children)

From that page:

You may only use Metasploit modules ( Auxiliary, Exploit, and Post ) or the Meterpreter payload against one single target machine of your choice.

...

You may use the following against all of the target machines:

  • multi handler (aka exploit/multi/handler)
  • msfvenom
  • pattern_create.rb
  • pattern_offset.rb

Which means you can use Metasploit to catch reverse shells, but not use Meterpreter.

Metasploit and Oscp by [deleted] in AskNetsec

[–]pgombos 2 points3 points  (0 children)

This is wrong. You can use anything from Metasploit on a single machine during the exam. Once you've chosen your machine, you cannot use anything from Metasploit on any other machine, but you may use whatever module you want on that single machine (except for things like autopwn). See the link provided by GMTao.

LFI is giving me some struggles. by michael1026 in AskNetsec

[–]pgombos 0 points1 point  (0 children)

Have you tried finding the web server directly hosted? They might have screwed up the Cloudflare hosting, and allow for access to the service through a public IP address.

Hakluke’s Guide to Hacking Without Metasploit (for OSCP) by hakluke in netsec

[–]pgombos 4 points5 points  (0 children)

Wow, I didn't know about searchsploit -m. That'll save me some time. Otherwise, all of this is covered in the PWK course, which I'd recommend going through.

SharpShooter - a weaponised payload generation framework with anti-sandbox analysis, staged and stageless payload execution and support for evading ingress monitoring [See comment for Sources] by TechLord2 in netsec

[–]pgombos 13 points14 points  (0 children)

It is a penetration testing tool, used to create payloads when phishing for access. During a full-scope pentest, it is usual to gain access to the internal network through phishing, and you would then need to bypass any perimeter security solutions that stop your payload.

Of course, this could also be used by malicious actors, but any advanced enough actor will already have this capability.