|
š Michael Grafnetter
@
MGrafnetter
Prague, Czech Republic
|
|
IT Security Researcher and Trainer, Author of DSInternals PowerShell Module
|
|
|
172
Tweetovi
|
97
Pratim
|
1.208
Osobe koje vas prate
|
| Tweetovi |
| š Michael Grafnetter proslijedio/la je tweet | ||
|
Andrew Robbins
@_wald0
|
31. sij |
|
Join me and @CptJesus on Tuesday, February 11th as we unveil #BloodHound 3.0! We will demo new attack primitives, performance improvements, and changes in the GUI.
Register for the webinar here (recording available afterwards): specterops.zoom.us/webinar/registā¦ pic.twitter.com/pP4BxRE0tN
|
||
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
Alex Simons
@Alex_A_Simons
|
28. sij |
|
You want to read this: Five Identity Priorities for 2020 (a really good blog post from my boss Joy Chik)
techcommunity.microsoft.com/t5/azure-activā¦ pic.twitter.com/OJvcuOHCGL
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
Luca Marcelli
@layle_ctf
|
26. sij |
|
Ladies and gentlemen, I present you a working Remote Code Execution (RCE) exploit for the Remote Desktop Gateway (CVE-2020-0609 & CVE-2020-0610). Accidentally followed a few rabbit holes but got it to work! Time to write a blog post ;)
Don't forget to patch! pic.twitter.com/FekupjS6qG
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
Matthieu Garin
@matthieugarin
|
21. sij |
|
Le skimmer de dingue !! š³š¬ twitter.com/guisouzadias/sā¦
|
||
|
|
||
|
|
š Michael Grafnetter
@MGrafnetter
|
19. sij |
|
And the winner is ... bf5b160e133c84572b9fe664bf4c718a. But I wonder if copy-pasting the password instead of typing it directly might affect the results somehow. The Windows password dialog window shows 14 stars when I paste š®ššŖš¶š¹šµš®.
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
Alex Weinert
@Alex_T_Weinert
|
19. sij |
|
Nice article on MFA rollout from @ajohnsocyber and @divinetechygirl : microsoft.com/security/blog/ā¦
|
||
|
|
||
|
|
š Michael Grafnetter
@MGrafnetter
|
19. sij |
|
I honestly don't know. But I just successfully verified those 2 values by first setting them as Windows local account passwords and then looking into the SAM database using mimikatz. Got the same results as from ConvertTo-NTHash, my own PowerShell wrapper of SystemFunction007.
|
||
|
|
||
|
|
š Michael Grafnetter
@MGrafnetter
|
19. sij |
|
IMO Microsoft's implementation of NTOWF in Windows (exposed as SystemFunction007 in advapi32.dll, expects UTF-16 input) should be a reference point here. For password contraseƱa I get 305a42a96d4df77c1f0434f63a28239a and for ŠæŠ°ŃŠ¾Š»Ń it returns 507e3ee80df7db7c1fdd8d50ae8db606.
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
Ryan Ries
@JosephRyanRies
|
15. sij |
|
Hundreds of useful KBs got deleted just because they said "Applies to: Windows Server 2003" and weren't updated, even though the articles were still relevant?
Won't catch me slippin again. pic.twitter.com/12zCRt7myo
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
š„ Benjamin Delpy
@gentilkiwi
|
16. sij |
|
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
Corben Leo
@hacker_
|
10. sij |
|
Citrix ADC/Netscaler RCE (CVE-2019-19781) š¬ pic.twitter.com/87T7cR2uoo
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
Paula Januszkiewicz
@PaulaCqure
|
9. sij |
|
2020 will surely surprise us with many cybersecurity threats, that we didnāt expect. But some of them can be predicted.
In its article @Forbes listed i.a. #IoT, #AI and #ZeroTrust.
See the summary of all the possible threats, gathered here: cqu.re/2R1gg4j pic.twitter.com/RnVnA3Pc2j
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
|
š„ Benjamin Delpy
@gentilkiwi
|
4. sij |
|
I just pushed a #mimikatz š„ release to support SupplementalCredentials attribute in local SAM
A lots of fixes in lsadump::sam & dpapi::chrome functions too
> github.com/gentilkiwi/mimā¦
Works on live system or offline/backup filesš
Again, thank you @MGrafnetter pic.twitter.com/Tg5mSbXIKO
|
||
|
|
||
|
|
š Michael Grafnetter
@MGrafnetter
|
2. sij |
|
OMG, is it still Xmas? Thank you, Benjamin!
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
|
š„ Benjamin Delpy
@gentilkiwi
|
2. sij |
|
I just pushed the first #mimikatz version of the year
Support RSA, DSA & EC(DH|DSA) keys:
- export (even when not exportable)
- convert from different format (PVK,blob,PKCS#8,PEM,DER,...) to PKCS#8
- build your PKCS#12 (pfx) from raw keys & certificates
> github.com/gentilkiwi/mimā¦ pic.twitter.com/JFReFWG5kg
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
Responder
@PythonResponder
|
2. sij |
|
Responder 2.3.4.5 is on the way, major auth servers refactoring, py2 and py3 support, tool enhancements, and throughout Q.A. Be patient, I'm doing this on my free time, but I'm sure you'll enjoy it when it's out :)
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
Seunghun Han
@kkamagui1
|
30. stu |
|
#BitLeaker demo video for #BlackHat Europe 2019 is now available. youtu.be/H6uAkLC_8kQ We extracted the VMK with the TPM vulnerability and decrypted the BitLocker-locked partition with it! BitLeaker will be published soon. Please use BitLocker with the PIN. @BlackHatEvents pic.twitter.com/INnBPdySXb
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
|
š„ Benjamin Delpy
@gentilkiwi
|
22. pro |
|
Windows Defender killing Outlook process because of the usage of an authentication certificate with CN=.., O=mimikatz, ... ā
"Internal behavior" pic.twitter.com/ivkDQJmIzz
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
|
š„ Benjamin Delpy
@gentilkiwi
|
23. pro |
|
Just released a #mimikatz version to support new options when creating SmartCard to logonš
> github.com/gentilkiwi/mimā¦ pic.twitter.com/dV2aaSuXIO
|
||
|
|
||
| š Michael Grafnetter proslijedio/la je tweet | ||
|
Jan Muenther
@janmuenther
|
18. pro |
|
Incident Response Plan pic.twitter.com/mjHoWAf6YE
|
||
|
|
||