josephpierini.blogspot.com
Joseph Pierini, Hacker.: March 2012
http://josephpierini.blogspot.com/2012_03_01_archive.html
Joseph Pierini, Hacker. A place to store my favorite hacks and scripts and share a little knowledge with the community. Monday, March 19, 2012. Exploiting Network File System (NFS) shares. Clients with old Sun/unix boxes routinely have NFS shares that nobody thinks about. Next time you’re on an internal, keep this in mind:. showmount -e IP Address. Hopefully the results will look something like this:. [root@attacker]# showmount -e 192.168.0.1. Export list for 192.168.0.1:. You ask now, how do you circumve...
josephpierini.blogspot.com
Joseph Pierini, Hacker.: July 2012
http://josephpierini.blogspot.com/2012_07_01_archive.html
Joseph Pierini, Hacker. A place to store my favorite hacks and scripts and share a little knowledge with the community. Thursday, July 26, 2012. Update to the NMAP Pass the Hash script. I've had a lot of questions about this, so let's see if this helps. When I score a password or a hash, I use an nmap script to quickly determine if this gives me local admin rights to the workstations and servers:. smbuser=[ADMIN] = Shared administrator account name. smbpass=[PASSWORD] = The shared account password. Code ...
josephpierini.blogspot.com
Joseph Pierini, Hacker.: October 2011
http://josephpierini.blogspot.com/2011_10_01_archive.html
Joseph Pierini, Hacker. A place to store my favorite hacks and scripts and share a little knowledge with the community. Friday, October 7, 2011. Let's speed up pwning the Enterprise another notch. In this scenario, we've obtained an account hash through a Man-in-the-Middle attack using, say, Easy-Creds. Nmap supports the use of password hashes:. HINT: To test using the local user password hashes, use "smbdomain=.". http://nmap.org/nsedoc/lib/smbauth.html. Tuesday, October 4, 2011. A Faster psexec Attack.
josephpierini.blogspot.com
Joseph Pierini, Hacker.: April 2012
http://josephpierini.blogspot.com/2012_04_01_archive.html
Joseph Pierini, Hacker. A place to store my favorite hacks and scripts and share a little knowledge with the community. Friday, April 20, 2012. Hotel Front Desk Systems Targeted with Malware. Hello all, I’m offering Hotel RATs. In other words: A virtual skimmer. I’m offering this method for $280, guaranteed US/Canada/UK connections and a method on how to obtain them on your own. From showing you how to setup your RAT (which includes a free crypt – fully undetectable to all Antiviruses) al...Ideally, Poin...
josephpierini.blogspot.com
Joseph Pierini, Hacker.: SQL Server Management Studio Tips
http://josephpierini.blogspot.com/2012/07/sql-server-management-studio-tips.html
Joseph Pierini, Hacker. A place to store my favorite hacks and scripts and share a little knowledge with the community. Thursday, July 5, 2012. SQL Server Management Studio Tips. How do I indicate a different port number when connecting to the server using SQL management Studio? 127.0.0.1,6283 add a comma between the ip and port. How do I Connect To A Database Using Windows Authentication With Different Credentials Using SQL Server Management Studio? July 2, 2013 at 12:19 AM. Nice post very helpful.
josephpierini.blogspot.com
Joseph Pierini, Hacker.: November 2011
http://josephpierini.blogspot.com/2011_11_01_archive.html
Joseph Pierini, Hacker. A place to store my favorite hacks and scripts and share a little knowledge with the community. Monday, November 21, 2011. Quick list of Nmap and cut commands. NMap is a powerful tool but can be a bit of a pain when all I need is to get a clean list of live IP addresses. Here is a list of my go-to scripts for narrowing down all possible targets into a list I can pass into Nessus:. From a target list:. For a specific port or ports:. Get a number of live systems when using -Pn.
josephpierini.blogspot.com
Joseph Pierini, Hacker.: June 2015
http://josephpierini.blogspot.com/2015_06_01_archive.html
Joseph Pierini, Hacker. A place to store my favorite hacks and scripts and share a little knowledge with the community. Friday, June 5, 2015. Do you need to do an internal pen test when the CDE is in the Cloud? Subscribe to: Posts (Atom). Joseph Pierini is the Director of Technical Services for PSC's Security Lab, Penetration Tester and reluctant PCI QSA, PA-QSA and QSE. Working hard to make PCI "Real Security". View my complete profile. Find me on the web.
josephpierini.blogspot.com
Joseph Pierini, Hacker.: Update to the NMAP Pass the Hash script
http://josephpierini.blogspot.com/2012/07/update-to-nmap-pass-hash-script.html
Joseph Pierini, Hacker. A place to store my favorite hacks and scripts and share a little knowledge with the community. Thursday, July 26, 2012. Update to the NMAP Pass the Hash script. I've had a lot of questions about this, so let's see if this helps. When I score a password or a hash, I use an nmap script to quickly determine if this gives me local admin rights to the workstations and servers:. smbuser=[ADMIN] = Shared administrator account name. smbpass=[PASSWORD] = The shared account password. Code ...
josephpierini.blogspot.com
Joseph Pierini, Hacker.: September 2011
http://josephpierini.blogspot.com/2011_09_01_archive.html
Joseph Pierini, Hacker. A place to store my favorite hacks and scripts and share a little knowledge with the community. Thursday, September 22, 2011. Automating the Hack. From Exploit to Domain Admin, Complete Enterprise P0wnage. This post assumes you have a working knowledge of Metasploit and you're running it off of BackTrack. You'll need to prep your environment and setup your Metasploit with the required multi meter resource.rb file which you can download from here:. All list tokens -u. After you've ...
josephpierini.blogspot.com
Joseph Pierini, Hacker.: Hacking Microsoft SQL Dedicated Admin Connection (DAC)
http://josephpierini.blogspot.com/2012/07/microsoft-sql-dedicated-admin.html
Joseph Pierini, Hacker. A place to store my favorite hacks and scripts and share a little knowledge with the community. Thursday, July 5, 2012. Hacking Microsoft SQL Dedicated Admin Connection (DAC). Microsoft SQL Dedicated Admin Connection (DAC). The following example enables the DAC from a remote computer. sp_configure 'remote admin connections', 1;. C:\Users\Win7>sqlcmd -A -S 172.16.x.x -U sa -P Bob$yourUncl3. To determine the state of the DAC:. sp_configure 'remote admin connections'. 1: Indicates re...