Anurag's Blog

Before we start I would like to bring your attention to this PSP course from  Pentester Academy   - https://www.pentesteracademy.com/course?id=21 . The course is focused on Powershell scripting which can be used in pentesting activities. ( Image Source - xcart ) Description - A powershell script to exploit WordPress Plugin Is-human 1.4.2 - Remote Command Execution and Lunar CMS 3.3 Unauthenticated Remote Command Execution vulnerability. Exploit DB - 1.  https://www.exploit-db.com/exploits/17299/ 2.  https://www.exploit-db.com/exploits/33867 Script Code - Proof of Concept - The script can be found on my github - https://github.com/hexachordanu/PSP/blob/master/Exploits.ps1 This blog post has been created for completing the requirements of the SecurityTube PowerShell for Penetration Testers Certification Exam https://www.pentesteracademy.com/course?id=21 Student ID: PSP-3250

Before we start I would like to bring your attention to this PSP course from  Pentester Academy   - https://www.pentesteracademy.com/course?id=21 . The course is focused on Powershell scripting which can be used in pentesting activities. (Image Source : Forbse ) Description - A powershell script that extract locally stored passwords from the system. Script Code - Proof of Concept - Msf Ruby script - Powershell Version of above msf script - Script Execution results - References - https://www.itechtics.com/find-wifi-password/ https://github.com/rapid7/metasploit-framework/blob/master/modules/post/windows/gather/credentials/windows_autologin.rb https://devblogs.microsoft.com/scripting/use-powershell-to-decrypt-lsa-secrets-from-the-registry/ https://github.com/samratashok/nishang/blob/master/Gather/Get-LSASecret.ps1 https://github.com/PowerShellMafia/PowerSploit/blob/master/Exfiltration/Get-GPPPassword.ps1 The script c...

Before we start I would like to bring your attention to this PSP course from  Pentester Academy   - https://www.pentesteracademy.com/course?id=21 . The course is focused on Powershell scripting which can be used in pentesting activities. Description - A powershell script that enumerate directories inside folders which are writable by non-admin users and print it out for the user. Script Code - Proof of Concept - References - https://sa1m0nz.wordpress.com/2018/01/26/enumerate-directories-inside-cwindowssystem32-which-are-writable-by-non-admin-users-powershell-for-pentesters-task-3/ The script can be found on my github - https://github.com/hexachordanu/PSP/blob/master/Enum-DirPermission.ps1 This blog post has been created for completing the requirements of the SecurityTube PowerShell for Penetration Testers Certification Exam https://www.pentesteracademy.com/course?id=21 Student ID: PSP-3250

Before we start I would like to bring your attention to this PSP course from  Pentester Academy   - https://www.pentesteracademy.com/course?id=21 . The course is focused on Powershell scripting which can be used in pentesting activities. (Image Source: winaero ) Description - A powershell script that takes list of target IPs and enumerate all open shares in a network,mark them with read and write access separately. Script Code - Proof of Concept - References - https://gallery.technet.microsoft.com/scriptcenter/a231026a-3fdb-4190-9915-38d8cd827348 The script can be found on my github - https://github.com/hexachordanu/PSP/blob/master/Scan-Shares.ps1 This blog post has been created for completing the requirements of the SecurityTube PowerShell for Penetration Testers Certification Exam https://www.pentesteracademy.com/course?id=21 Student ID: PSP-3250

Few months ago I didn't know what Active Directory is, and why should I care about it and never heard about ACL abuse and all. Although I had attended a BPAD (Breaking and Pwning Active Directory) training which was provided by Nullcon but I was not confident enough to go for this course exam, since my day-today activity involves VAPT stuffs related to Web/Network/Mobile and sometimes basic malware analysis (very basic one :p).  I started doing offshore lab and took help from some friends in understanding few Active Directory concepts. I did many silly mistakes during the lab and learned a lot. Meanwhile I registered for Active Directory Lab Course and got it in a discounted offer for first 50 students of about 11k INR  ( 1 mont lab access) :). Before wasting time any further let's dive into the review. The course -  https://www.pentesteracademy.com/activedirectorylab Certification - Certified Red Team Professional The Course Content  - After paying the c...

Before we start I would like to bring your attention to this PSP course from Pentester Academy   - https://www.pentesteracademy.com/course?id=21 . The course is focused on Powershell scripting which can be used in pentesting activities. AGENDA  : 1. Introduction to Powershell 2. Basic Authentication lab setup 3. Brute-force Basic Authentication using Powershell Script -   - cmdlet   - IP,Port and word-list should be easily configurable 1.  Introduction to Powershell  -  Microsoft says- PowerShell is a task-based command-line shell and scripting language built on .NET. PowerShell helps system administrators and power-users rapidly automate tasks that manage operating systems (Linux, macOS, and Windows) and processes. PowerShell commands let you manage computers from the command line. PowerShell providers let you access data stores, such as the registry and certificate store, as easily as you access the file system. PowerShell inc...