Gerren Murphy

Occasionally, useful things fall out of my cranium and land here.

Menu
  • Home
  • About
  • Contact

Running Sharphound From a Non-Domain PC

By Gerren Murphy
|
January 5, 2019
| No Comments
| Pentesting

This is documented here as well: https://github.com/BloodHoundAD/BloodHound/issues/113 but it took me a while to find this… If you want to run Sharphound from a PC that is not joined to the target domain, open a command prompt and run: runas /netonly /user:DOMAIN\USER powershell.exe Enter the password for DOMAIN\USER: Attempting to start powershell.exe as user “DOMAIN\USER” … […]

Read More »

Posted in Pentesting Tagged Bloodhound, recon Leave a comment

Getting the GAL (via Skype/Lync)

By Gerren Murphy
|
January 4, 2019
| No Comments
| Pentesting

This could also be called “The 1121st reason that I  <3 Sublime Text.”) All of this may already be well known, but I didn’t see too many references to it (if any), so I thought it would be helpful to share… So the scenario was that this client had most of their externally facing portals […]

Read More »

Posted in Pentesting

2018 Wild West Hackin’ Fest – A Look Back

By Gerren Murphy
|
October 29, 2018
| No Comments
| Uncategorized

TL;DR: WWHF is awesome and you should go.   I had the pleasure of attending the 2018 Wild West Hackin’ Fest this year, put on by John Strand and his team at Black Hills Information Security. This ended up being a 2.5 day conference and well worth the journey out to Deadwood South Dakota. The […]

Read More »

Posted in Uncategorized

Dell 2335dn Password Disclosure

By Gerren Murphy
|
August 23, 2018
| No Comments
| Pentesting

During a recent pentest, I encountered a Dell 2335dn printer which did not have any admin credentials set (the default). After authenticating with the username “admin” I began to poke around to see if there was an ldap server or smtp server configured that I could exploit (See: https://hackinparis.com/data/slides/2014/DeralHeilandandPeterArzamendi.pdf for some good info on printer exploitation)   […]

Read More »

Posted in Pentesting Tagged cve-2018-15748

Vulnhub billu b0x 2 Walkthrough

By Gerren Murphy
|
July 14, 2018
| No Comments
| Vulnhub

Took a stab at box 2 of the billu series on Vulnhub. I’m not sure if this is was the intended method for root, but here it is either way. I’m going to revisit it to see if there are others as well… NMAP returns: Nmap scan report for 192.168.52.187 Host is up (0.00022s latency). […]

Read More »

Posted in Vulnhub

I was told there would be no math

By Gerren Murphy
|
July 11, 2018
| No Comments
| Random

File this under “Hmph…I did not know that” and “…really?”   I read this post over at the BHIS blog the other day, and had no idea about the whole port 70,000 thing. So I had to see for myself…     You learn something new every day…

Read More »

Posted in Random

Cleaning Up Scraped Usernames From LinkedIn

By Gerren Murphy
|
March 28, 2018
| No Comments
| Pentesting

One of the things that pentesters will do during an engagement is generate a list of potential usernames to use in various attacks on the target organization. There have been several utilities developed over the years which attempt to gather this info from LinkedIn, but I have not had great success with them for one […]

Read More »

Posted in Pentesting Tagged burp, recon, reconnaissance, usernames Leave a comment

RastaLabs Review

By Gerren Murphy
|
March 23, 2018
| No Comments
| Pentesting

Background Back in late February, I took a bit of a break after passing my OSCE exam. Of course, it wasn’t too long afterwards that I got that itch of “I need a new challenge.” A few people that had recently taken the OSCE were discussing RastaLabs, and how awesome it was, so I followed […]

Read More »

Posted in Pentesting Leave a comment

He shoots…he scores!

By Gerren Murphy
|
March 3, 2018
| No Comments
| Certifications

Round 2 of my battle with the OSCE lab proved successful. I don’t have a whole lot to add other than the many other well written reviews that currently exist. What I will say is that if you are considering going down the OSCE rabbit hole, you will, without a doubt, need to do a […]

Read More »

Posted in Certifications Leave a comment

He shoots…and a miss! (or my first OSCE lab exam)

By Gerren Murphy
|
February 19, 2018
| No Comments
| Certifications

My last post was Novemberish…which coincides with the time that I signed up for the OSCE course from Offensive Security. Many hours were spent xor’ing, jumping, popping, pushing, moving, add-ing, and sub-ing. All of  which culminated this weekend in my lab exam. Let’s just say that, I’ll be revisiting it again…but am proud of what […]

Read More »

Posted in Certifications Leave a comment

Posts navigation

1 2 Next

Navigation

  • About
  • Contact

Recent Nonsense

  • Running Sharphound From a Non-Domain PC
  • Getting the GAL (via Skype/Lync)
  • 2018 Wild West Hackin’ Fest – A Look Back
  • Dell 2335dn Password Disclosure
  • Vulnhub billu b0x 2 Walkthrough

Follow Me

  • twitter
  • linkedin

Navigation

  • About
  • Contact

Recent Nonsense

  • Running Sharphound From a Non-Domain PC
  • Getting the GAL (via Skype/Lync)
  • 2018 Wild West Hackin’ Fest – A Look Back
  • Dell 2335dn Password Disclosure
  • Vulnhub billu b0x 2 Walkthrough

Follow Me

  • twitter
  • linkedin

Gerren Murphy 2019 | All Rights Reserved. Powered by WordPress