SANS Penetration Testing

Pen Test Poster: "White Board" - Bash - Find Juicy Stuff in the File System

By Matthew Toussain, Geoff Pamerleau Pilfering data is a post-exploitation phase that rarely receives enough credit. As pentesters, the way we demonstrate security risk and the way we escalate our attacks to a new level is based entirely on what we find after the compromise is realized. While manually driving the command line from directory … Continue reading Pen Test Poster: "White Board" - Bash - Find Juicy Stuff in the File System


Pen Test Poster: "White Board" - Bash - Sudo... Make Me a Sandwich

By Matthew Toussain, Geoff Pamerleau The other day, while working on setting up a new virtual machine for testing purposes, I ran the following command to get my networking configured ifconfig enp0s8 down only to be greeted with the following: GAH! Why do I need root privileges to bring up or down … Continue reading Pen Test Poster: "White Board" - Bash - Sudo... Make Me a Sandwich


Pen Test Poster: "White Board" - CMD.exe - C:\> wmic process

By Matthew Toussain, Grant Curell If Windows Management Instrumentation (WMI) is the Matrix then its console (WMIC) is Neo. WMI is the Microsoft variant of Web Based Enterprise Management (WBEM) and Common Information Model (CIM). Essentially, it forms the connective tissue that defines application specific characteristics to enable cohesive interactivity between systems from … Continue reading Pen Test Poster: "White Board" - CMD.exe - C:\\> wmic process


Pen Test Poster: "White Board" - CMD.exe - C:\> netsh interface

By Matthew Toussain, Grant Curell The pivot. Many intrusion campaigns follow a similar modus operandi. Attack the publicly available DMZ. Gain access to an initial target and leverage that access to pivot into the internal network. Now seize the objective. On Linux systems, Secure Shell (ssh) natively supports socks proxying. We can use this … Continue reading Pen Test Poster: "White Board" - CMD.exe - C:\\> netsh interface


Pen Test Poster: "White Board" - PowerShell - Ping Sweeper!

By Matthew Toussain, Grant Curell Introduction You may be shocked to find how often you don't have the right tool for the job. Fortunately, with a hammer everything looks like a nail, and with PowerShell'' Well we'll just have to make do. This post will dive into a number of techniques geared towards hammering … Continue reading Pen Test Poster: "White Board" - PowerShell - Ping Sweeper!