Collaborate Disseminate
I have a PC using Windows 7 in 192.168.0.10 where there is a folder, lets call Data, that i want to make avaliable for any computer connected to this network ( 192.168.0.X )
I have shared that folder to everyone and to the g… Continue reading Enter as guest into another server folder
Assume the following:
An attacker has access to a remote Windows share on a remote host.
Attacker manages to bruteforce a local Windows account on the host and can login to it via SMB.
Attacker can write files via SMB.
Vi… Continue reading Is it possible to execute an executable with authenticated SMB?
Say that an organization has a closed network – only its own computers can access it. Each of these computers has Windows 10 Enterprise. For obvious reasons, users aren’t given administrator privileges. Anyone within the orga… Continue reading What can someone do with (non-admin) command prompt on a network?
In the blackhat talk by Gentikwiki on Mimikatz back in 2014,
he mentioned that you can pass the service ticket also, but i am unable to replicate it in a lab. It throws an access denied.
Passing the TGT works all good.
I have a laptop with Windows 10. If I go on settings and then privacy there is a list of apps with the information about their permission to use my camera (I’m talking about the built-in camera, not an external device). If I … Continue reading Laptop camera app permissions
I am trying to demo an exploit and here is the scenario:
A service is running with SYSTEM privileges where the executable it is running (binpath) can be modified by any user. The exploit consists of replacing the target bina… Continue reading Is there a way to overwrite a file being used by a service without service management permissions?
My kid is starting 6th grade and the school requires him to get a laptop and bring it to school. Now the school IT department wants to install some software on the laptop and is asking for administrative access. They want to … Continue reading Should I let my child’s school have access to my kid’s personal laptop?
I am trying to escalate privileges from an ISS user on Windows Server 2012 R2 by exploiting Environment Variables in Scheduled Tasks for UAC Bypass as the following link explains the exploit:
https://tyranidslair.blogspot.co… Continue reading Exploiting Environment Variables in Scheduled Tasks for UAC Bypass
Not sure if this is best placed here but here goes …
I need some authentication options for software that is usually deployed in AD,
when a machine running the software registers in the environment/domain we want to be abl… Continue reading Machine and User Authentication in Active Directory
I run Windows10 and would like the contents of my system default “Downloads” folder to be non-executable. I want at least for a landing zone where I can scan files, run hash checks, and so on. You know what I’m getting at –… Continue reading How can I disable execution of programs from Downloads directory in Windows 10?