Collaborate Disseminate
I used to run Mimikatz in one of my computers. Then, I did something to block its action and I do not recall what it was. I am trying to revert it unsuccessfully.
.#####. mimikatz 2.2.0 (x64) #19041 Aug 10 2021 17:19:53
.## ^ ##. &qu… Continue reading What can prevent Mimikatz from accessing LSA?
The download attribute in an a element tells the browser to force the download of a file that otherwise would be interpreted by the browser. This is very convenient, since often users want to download a (e.g. jpg) file instead of having th… Continue reading Security implications of download attribute
The Nmap script for HeartBleed (using Nmap v7.40) seems to work only over known ports. Whenever a non-standard port is used, the script does not report anything.
nmap -p 46000 –script ssl-heartbleed -script-args vulns.showa… Continue reading Nmap HeartBleed script does not seem to work over non-standard ports
I am trying to do something similar to what has been pointed out in this nice answer by Jonathon Reinhart.
I have a CA certificate with Name Constrains (RFC):
Permitted
[1]Subtrees (0..0):
DNS Name=valid.com
Excluded=None
A… Continue reading Using NameConstrains in a CA certificate
I was trying to use dnsspoof but it did not work as expected. These are the steps I followed:
Set IP forward in kernel to 1
arpspoof -i eth0 -t 192.168.1.39 -r 192.168.1.1 and arpspoof -i eth0 -t 192.168.1.1 -r 192.168.1.39… Continue reading dnsspoof not spoofing (requests and forwards real DNS packet)