Linux intranet penetration

Although Linux has no domain environment, once we gain access to a Linux system, is it enough to just escalate privileges and capture sensitive information? Obviously not. This article starts from getting a Linux shell and introduces Linux intranet penetration techniques, divided into several parts: container escape, ...

Posted by DJP1986 on Mon, 23 May 2022 08:59:44 +0300

Attack idea based on delegation in windows - resource-based constrained delegation

1. Preface: I wrote an article before, "Attack ideas based on delegation in windows (Part I) - binding delegation and non binding delegation"; today's resource-based constrained delegation attack is the last article of this topic. It is also a small comma for the research on the technical point of delegation. Delegation is too annoying!!! 2. ...

Posted by jahred on Sun, 01 May 2022 15:55:11 +0300

Intranet penetration series: icmptunnel of Intranet tunnel (Master James Barlow's)

Preface: This article studies an ICMP tunnel tool, master James Barlow's icmptunnel. GitHub: https://github.com/jamesbarlow/icmptunnel 1. Overview 1. Introduction: Last updated in 2016, it is written in C and creates a virtual network card to transmit IP traffic over the ICMP protocol, providing a more reliable protocol and mechan ...

Posted by kernelgpf on Sun, 10 Apr 2022 05:31:55 +0300

CobaltStrike removes flow characteristics

Ordinary CS does no traffic obfuscation and will be blocked by the firewall. As a result, CS is occasionally seen going online but then not responding to any operation. Try to obfuscate the traffic here. Referring to the articles on the Internet, there are two methods: one is to change the content rel ...

Posted by biocyberman on Mon, 04 Apr 2022 01:29:12 +0300

Intranet penetration learning

After entering the intranet, we will face a number of unknowns, so we need to assess the current environment, for example, determine whether the machine is a Web server, public service area, file server, proxy server, DNS server or storage server. Let's have a look! Collect local host information: Who am I? Where is this? Where am I? What is ...

Posted by CONFUSIONUK on Wed, 30 Mar 2022 16:41:08 +0300