@Helixar_ai Love your site! So clean. Following for your journey. One thing I'm curious about is how PentAGI hit 404s on port 8444 if it can't connect due to the missing cert?
"..[sic] before any TCP handshake completes a useful exchange"? Handshake must have completed if there's a 404?
@unsigned_sh0rt@Trust_Foundry@_dru1d Thanks Garrett! I hadn't seen your post, and did this research back in January, but sounds like we were sniffing up the same tree😅 Though, I can wager it took me far longer than you to work it all out!!
And thanks for the BOF heads up, nice job @_dru1d!
🚀 New Research Drop + Free Tool Release! 🚀
Do you use PDQ deploy/inventory? Did you know that misconfigured PDQ environments can often lead to serious data exposure?
Our very own @_inspir3d has published research and a tool here:
https://t.co/pQHM7JSaE5
New blog: Phishing for Primary Refresh Tokens and Windows Hello keys. This blog describes how we can use device code phishing to obtain PRTs and in some cases even add backdoor Windows Hello keys 🤯
https://t.co/jDPKPeRhpl
Following his #DEFCON31#DC31 talk https://t.co/McoixOKiXj our @_EthicalChaos_ has written a follow up including further research on abusing mixed vendor Kerberos stacks, so that any user can be spoofed against any service hosted over GSSAPI https://t.co/oD5DekkI37
Finally got around to finishing my PoC for exploiting the new DA -> EA primitive via ADCS shared by the good folks at @SpecterOps and built upon by @Crypt32.
First time I've written anything other than a ping sweeper in PowerShell!
https://t.co/9CPfp4N6oG
Is anyone able to explain this behaviour? I can publish templates via SYSTEM GUI, but doing it with certutil fails - I guess I can programmatically modify the AD object to add the template name to the Enrollment Services CA, but curious as to why this fails?
@attractiontckts Hi! We booked some tickets recently and they’re all still saying awaiting_supplier_conf. How long until confirmed?
Also, we made a mistake on one of the bookings and put 5 adults, when it was meant to be 4 adults and 1 child.
Universal/Disney Combo
Not panicking about the #Fortinet RCE until we know what the vuln looks like. If it's another heap-based bug, it's APT bait but probably won't get exploited at scale. If it's a command injection (the decade's most popular vuln kid) or something, that's another story.
Trying to replicate Vadims Podāns (@Crypt32) no-ADCS child -> root domain technique but the resulting PFX returns 'KDC_ERROR_CLIENT_NOT_TRUSTED'.
Replication "delay" before the root level domain syncs with the child domain?
Highly recommend the original Spectre Ops post too
@Cyb3rCelt Hi dude! Nothing explicitly planned but I’ll convert my OSCP to CRT sometime when I get round to the CPSA! They do indeed seem a tad less exciting but seem to hold more weight in the UK! 😅
SEKTOR7 is glad to support RTV @ D3FC0N this year again. And this brings an extra discount!
Use the coupon below to get 25% off on any of the courses. No much time left, it ends on Sunday.
Coupon: D3FC0N-RTV-TW25
Have a great con, y'all!
#redteam#onlinelearning#RTO
@virginmedia Any chance you can stop calling me a few times a day and leaving voicemails even after I blocked the number? Turned all marketing preferences off.. Getting a bit irritating now