As part of a red team exercise, gaining a foothold is key on our path to achieving AD control. In this post I will be talking about WPA2 Enterprise networks, how PEAP works, why many deployed PEAP networks are insecure, how to take advantage of this to gain access and, finally, how to prevent it.
Posts by Year
Leaking hashes is not something new; however, it is still possible to do it, mainly because it is a feature that is enabled by default. It is caused by a design flaw in Windows related to user authentication. In order to implement single sign-on, Windows will try to authenticate to each server with the user credentials in the form of NTLM hashes. In this post I will explain which types of NTLM hashes there are, which ones are used for pass-the-hash, how to relay hashes and some techniques to leak them.
2018
2016
Introduction and PHP/Java implementation of Infinite Garble Extension (IGE)
Solution to the Hackplayers challenge and analysis of the APK
Solution to Deurus's last Android crackme.
Solution to Deurus's third Android crackme
Solution to Deurus's second Android crackme