I frequently give this talk titled:  "Securing Your Small Business" but the content of the talk actually applies to both small businesses and individuals.  The gist of it is basic security hygiene and one of the topics I discuss is passwords and password managers.  In that part of the talk, I show how a password manager can auto-populate the fields of a login.  One of the comments I would frequently hear -- turned into a slide.  The comment:  "My web browser can do that."  My reply:  "I can steal your browser passwords."  And I typically follow that up with something along the lines of it being "trivial" and that I'm unable to easily steal passwords from password managers.  That pretty much sets up this post...


    I'm working on a project and I came across an Android phone in debug mode.  In order to play around with the exploitation frameworks, I downloaded Android4: 1 from Vulnhub to understand what I was dealing with in an outside environment.  There are a number of frameworks but the two that I came across were Ghost and Phonesploit.  Both work similarly but I prefer the latter.

    Kicking off with an Nmap scan:


    Another cyber range appeared recently and it's similar to Vulnhub where people upload VM's, you download them, and get flags.  There's a points system like TryHackMe and HackTheBox which is a great way to gamify the environment.  I was curious to play and I download Number. 

    The box does not have a description other than it states that it's a Medium level system.


    From the description:  "Remote Server Administration Tools (RSAT) lets IT admins manage Windows Server roles and features from a Windows 10 PC."

    RSAT can be used to enumerate the domain from any Windows 10 workstation (probably lower versions too) as long as it's either already installed already or you have local admin access.  I wrote this collection of commands to replace PowerView because outside of lab environments, PowerView won't make it onto the machine without endpoint protection eating it. 


    Page 1 of 63

    Cybersecurity solutions for small businesses.

    info@sevenlayers.com
    877.468.0911

    © 2021 Seven Layer Networks, Inc. | All rights reserved.