rottingsun

Active Members
  • Content Count

    95
  • Days Won

    2

About rottingsun

  • Rank
    Hak5 Fan ++

Recent Profile Visitors

1,926 profile views
  1. So I ended up having a major issue with a VMware host at work and missed the live. Anyone care to share their impressions of the PS?
  2. Just a few more hours until the new eagles land.
  3. Any further details on the device and what it is capable of, or do we have to wait until tomorrow?
  4. Oughta been interesting. I'll be watching the live stream intently. This blog refers to it as a "programmable MITM device". https://www.doyler.net/security-not-included/def-con-25-bsideslv-2017 I also saw someone on Twitter describe it as "an online tap with payload capability, like the bash bunny".
  5. Perhaps LLMNR, NetBIOS, and WPAD are all disabled on the target? Far-fetched if it's a home PC, I know, but.
  6. Nice. I got mine in recently. My first payload was running procdump from the bunny and then saving the dump file onto the bunny for later mimikatz analysis.
  7. Most likely, but I have found the python/meterpreter/rev_tcp with pyherion encrypter to still be pretty reliable as far as AV evasion. As far as the new Defender API, as long as local admin perms are present on the target, you can use Set-MpPreference (Set-MpPreference -DisableRealtimeMonitoring $true for example) to turn off the various features of Defender. This is a bit "noisy", since a notification pops up immediately in the tray, but you could always quickly disable Defender, run mimikatz or some other payload, then re-enable Defender in the cleanup. I'm actually contemplating gettin