[Dailydave] Kerberos Fun
Dave Aitel
dave at immunityinc.com
Thu Feb 5 13:58:50 EST 2015
https://vimeo.com/118831548
So I wanted to show everyone this 2-minute movie of CANVAS 6.98
exploiting MS14-068, but I can describe it as well:
1. You add a target (the some box on a domain)
2. You click the exploit, filling in a username and password for the domain.
3. You have a shell on the box as LOCAL/SYSTEM!
I also wanted to link to the Metasploit way, which is a bit more
complex, involving Mimikatz and a bit of a workflow.
https://community.rapid7.com/community/metasploit/blog/2014/12/25/12-days-of-haxmas-ms14-068-now-in-metasploit
-dave
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20150205/063ec0c2/attachment.sig>
More information about the Dailydave
mailing list