Help Irongeek.com pay for bandwidth and research equipment:
From Broadcast to Totally Pwned - (BSides Knoxville 2015) (Hacking Illustrated Series InfoSec Tutorial Videos)
From Broadcast to Totally Pwned
Russel Van Tuyl, Matt Smith
BSides Knoxville 2015
This talk covers two methods used by penetration testers to pwn
From Broadcast to Totally Pwned: Network broadcast traffic such as NetBIOS and LLMR are often ignored or unknown. This portion of the presentation divulges my 'one trick pony' move to pwning networks by exploiting broadcast traffic. This attack hones in on a Microsoft built-in 'feature' for automagically configuring proxies. By simply responding to broadcast messages you can retrieve password hashes with no user interaction required.
From Pastebin to Totally Pwned: This presentation follows the path of a real penetration test performed against a customer in the past year. Starting with a seemingly obscure Pastebin entry discovered by the test team, it led to the compromise of an Internet-facing email server. Did the team then pivot through the server to compromise the customer's internal network?
Printable version of this article