SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit [safepass.me](https://safepass.me/?7ms428 for more details, and tell them 7 Minute Security sent you to get a 10% discount!
Welcome to another fun tale of internal pentest pwnage! Today's tale includes these helpful informational tidbits:
My understanding is that in order for mitm6 relay attacks to work against DCs, those DCs have to have LDAPS config'd properly. Use
nmap -sV -p646 name.of.domain.controllerto verify this (thanks this site for the tip!)
PowerView is awesome when used with
Find-InterestingDomainShareFileto find interesting files with the word password or sensitive or other helpful strings.
I've also got some personal updates for you, including:
- House updates
- Fighting with the man/woman upstairs
- My worst Webinar nightmare came true
- A socially distanced wedding singing experience