SANS Penetration Testing

Pen Test Poster: "White Board" - Bash - Sudo... Make Me a Sandwich

By Matthew Toussain, Geoff Pamerleau

The other day, while working on setting up a new virtual machine for testing purposes, I ran the following command to get my networking configured:

    ifconfig enp0s8 down

only to be greeted with the following: GAH! Why do I need root privileges to bring up or down …


Pen Test Poster: "White Board" - CMD.exe - C:\> wmic process

By Matthew Toussain, Grant Curell

If Windows Management Instrumentation (WMI) is the Matrix then its console (WMIC) is Neo. WMI is the Microsoft variant of Web Based Enterprise Management (WBEM) and Common Information Model (CIM). Essentially, it forms the connective tissue that defines application-specific characteristics to enable cohesive interactivity between systems from …


Pen Test Poster: "White Board" - CMD.exe - C:\> netsh interface

By Matthew Toussain, Grant Curell

The pivot. Many intrusion campaigns follow a similar modus operandi. Attack the publicly available DMZ. Gain access to an initial target and leverage that access to pivot into the internal network. Now seize the objective. On Linux systems, Secure Shell (ssh) natively supports SOCKS proxying. We can use this …


Pen Test Poster: "White Board" - PowerShell - Ping Sweeper!

By Matthew Toussain, Grant Curell

Introduction

You may be shocked to find how often you don't have the right tool for the job. Fortunately, with a hammer everything looks like a nail, and with PowerShell... Well, we'll just have to make do. This post will dive into a number of techniques geared towards hammering …


Got Meterpreter? PivotPowPY!

By Cliff Janzen

My how time flies. It seems like only yesterday I wrote the post Got Meterpreter? Pivot! (/blog/2012/04/26/got-meterpreter-pivot), but it has been four and a half years. In our industry, the only thing constant is change and Mr. Ed Skoudis gave me the opportunity to revisit this topic to see what has changed. …