merous there's
>> simply no way to avoid them all - some of them just have to be accepted as
>> is.
>> >
>> > Cheers
>> > Ken
>> >
>> > -Original Message-
>> > From: Kurt Buff [mailto:kurt.b...@gmail.com]
>> > Sent: Tuesday
> risk. Work in a big enough org, and the risks are so numerous there's
> simply no way to avoid them all - some of them just have to be accepted as
> is.
> >
> > Cheers
> > Ken
> >
> > -Original Message-
> > From: Kurt Buff [mailto:kurt.b...@
2013 1:29 PM
> To: NT System Admin Issues
> Subject: Re: POSH PtH - this is...
>
> On Mon, Apr 8, 2013 at 8:04 PM, Ben Scott wrote:
>> On Mon, Apr 8, 2013 at 8:01 PM, Kurt Buff wrote:
>>> Agree with MBS that other tools could stand in for PowerShell, but
>>> WCE
--Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Tuesday, 9 April 2013 1:29 PM
To: NT System Admin Issues
Subject: Re: POSH PtH - this is...
On Mon, Apr 8, 2013 at 8:04 PM, Ben Scott wrote:
> On Mon, Apr 8, 2013 at 8:01 PM, Kurt Buff wrote:
>> Agree with MBS tha
On Mon, Apr 8, 2013 at 8:04 PM, Ben Scott wrote:
> On Mon, Apr 8, 2013 at 8:01 PM, Kurt Buff wrote:
>> Agree with MBS that other tools could stand in for PowerShell, but WCE
>> was actually new to me.
>
> Well, then, you didn't say that, you seemed focused on PoSh.
>
> WCE in particular is ne
On Mon, Apr 8, 2013 at 8:01 PM, Kurt Buff wrote:
> Agree with MBS that other tools could stand in for PowerShell, but WCE
> was actually new to me.
Well, then, you didn't say that, you seemed focused on PoSh.
WCE in particular is new to me, too, but I've certainly read of
attacks on the runn
assuming they use a password)
>
> Cheers
> Ken
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Tuesday, 9 April 2013 10:01 AM
> To: NT System Admin Issues
> Subject: Re: POSH PtH - this is...
>
> On Mon, Apr 8, 2013 at 4:17 PM, Ben
System Admin Issues
Subject: Re: POSH PtH - this is...
On Mon, Apr 8, 2013 at 4:17 PM, Ben Scott wrote:
> On Mon, Apr 8, 2013 at 7:06 PM, Kurt Buff wrote:
>> Amusing? Alarming? Both?
>> http://labofapenetrationtester.blogspot.in/2013/04/poshing-the-hashes.html
>
> Neither?
&g
On Mon, Apr 8, 2013 at 5:01 PM, Kurt Buff wrote:
> On Mon, Apr 8, 2013 at 4:17 PM, Ben Scott wrote:
>> On Mon, Apr 8, 2013 at 7:06 PM, Kurt Buff wrote:
>>> Amusing? Alarming? Both?
>>> http://labofapenetrationtester.blogspot.in/2013/04/poshing-the-hashes.html
>>
>> Neither?
>>
>> It seem to
On Mon, Apr 8, 2013 at 4:17 PM, Ben Scott wrote:
> On Mon, Apr 8, 2013 at 7:06 PM, Kurt Buff wrote:
>> Amusing? Alarming? Both?
>> http://labofapenetrationtester.blogspot.in/2013/04/poshing-the-hashes.html
>
> Neither?
>
> It seem to boil down to, if you steal credentials, you gain access
> t
+1
PowerShell really didn't add anything here. In every case, psexec or winrm
could be used instead.
-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Monday, April 8, 2013 7:17 PM
To: NT System Admin Issues
Subject: Re: POSH PtH - this is...
On Mon, Apr 8,
11 matches
Mail list logo