Jump to content

0phoi5

Dedicated Members
 View Profile  See their activity

  • Posts

    702

  • Joined

  • Last visited

  • Days Won

    20

 Content Type 

Everything posted by 0phoi5

  1. 0phoi5
    Anyone? So far I've got... Get-ADuser [USERID] -property MemberOf | % {$_.MemberOf | Get-ADGroup | select Name | sort name} ... to show all of the groups a user is a member of, and... Get-ADGroup -Filter {name -like "@*"} -Properties Description | select Name | sort name ... to show all groups that exist with @ at the start of them. How do I combine the two? If I use... Get-ADuser [USERID] -property MemberOf | % {$_.MemberOf | Get-ADGroup -Filter {name -like "@*"} -Properties Description | select Name | sort name} ... I get error "The input object cannot be bound to any parameters for the command"
  2. 0phoi5
    I just re-read your post. Perhaps that's where you already got the details from! I disagree though. Why not use the method you've already had success with, to get CMD, then gather information to find an exploit you can use in 'sploit? For example, with CMD you can use... wmic product list brief ... to get all of the software and version numbers of the target PC, then try and find an exploit in Metasploit for it. Think of the CMD reverse shell as recon, rather than the exploit itself. But you are perhaps underestimating CMD. Yes, whilst it's not as 'classy' as other tools, you can do a lot with CMD. Amend registry, move files, open ports etc.
  3. 0phoi5
    Maybe this will help? Note, this isn't Metasploit, but if you're clever, you can do almost everything sploit can, or gather enough info to then use sploit. Reverse shell with the above method > Gather vulnerability details > Metasploit
  4. 0phoi5
    I can list all AD groups beginning with @ by using... Get-ADGroup -Filter {name -like "@*"} -Properties Description | select Name | sort name ... so maybe there's a way to pipe this list to Remove-ADGroupMember?
  5. 0phoi5
    Hi all, I'm using... Get-ADuser $UserID -property MemberOf | % {$_.MemberOf | Get-ADGroup | select Name | sort name} ...to nicely list all the of the Active Directory groups that a user is a member of, in an easy-to-read format. I'm trying to only list the groups that begin with an @ sign. So instead of... @Group 1 @Group 2 Group 3 Group 4 ...I would get just... @Group 1 @Group 2 I'm then looking to remove these groups from the user's account. So, in summary; Get only the MemberOf groups beginning with @, for a user remove user from these groups How would I go about this? I've been playing for a while, but have got no further than the script above. Thank you,
  6. 0phoi5
    This kind-of worked, it gave me a bit more info, but unfortunately Windows 10 was picked up as an unknown operating system, and it still stated 135, 139 and 445 were filtered. p0f was a bit better, it advised the fact that it was a Windows machine, but failed to specify version 10. I'll see what the results look like with Windows firewall turned off, and if the ports suddenly open up, I'll experiment with 'piggy-backing' some code to turn it off, maybe have a play with the SET and Metasploit. Cheers guys.
  7. 0phoi5
    Thanks both, I'll have a play tonight and see if I get any luck :)
  8. 0phoi5
    It is indeed, which is great! However, I was hoping there was a way to circumnavigate it. My phone, as an example, showed all ports as filtered until I fragmented the packages and slowed down the scan, then it picked up open ports. Is there no way for me to trick the firewall and see open ports, or stop it from running altogether? Or, if not, how would one go about fingerprinting the OS instead of nmap?
  9. 0phoi5
    Hey all, I've been learning nmap for the last week, scanning my own network for practice. I've managed to find open ports on other devices, however when I scan my Windows 10 machine, all ports are always filtered. I've tried; fragmenting the packets with -f spoofing my MAC to that of my internet Hub slowing down the scan with -T2 and --scan-delay turning off PING with -Pn But nmap always returns that all 1000 ports are filtered. The machine has Windows firewall turned on, but no other firewall software running. Any ideas? Thanks,
  10. 0phoi5
    Wardriving is legal. Cracking WiFi is illegal, which is not what I'll be doing, so sa'll good. I won't, don't worry. I just need a way to access the Pi at the side of the road if anything goes wrong/to monitor it. Don't want to have to keep going home to see data.
  11. 0phoi5
    What a fantastic description
  12. 0phoi5
    Hi all, I have a Raspberry Pi 3 with an Alfa AWUS036H with 7dBi directional antenna set up in a vehicle. I'm wondering what the best method of controlling the Pi in a (not very roomy) vehicle would be? I've considered; A Chromebook, chrooted and connected via SSH or Ethernet cable (a little too bulky, as I can't easily put a laptop on my lap in the vehicle) A small dashboard monitor and bluetooth keyboard A Raspberry Pi Touchscreen A keyboard/case combo thing like this Some way of connecting an Android phone to it What would you go for and why?
  13. 0phoi5
    Hey all, Pleas see http://thehackernews.com/2016/04/spy-phone-call-location.html "In BriefThe famous ‘60 Minutes’ television show shocked some viewers Sunday evening when a team of German hackers demonstrated how they hacked into an iPhone used by U.S. Congressman, then recorded his phone calls and tracked his movement through Los Angeles. Hackers leverage a security flaw in SS7 (Signalling System Seven) protocol that allows hackers to track phone locations, listen in on calls and text messages." My question is basically; how would this be possible? What methods/coding/programs would be used? *Edit* And when it says 'a security flaw in SS7', anyone know of this? What's the flaw? Just find it fascinating!
  14. 0phoi5
    How far would one be able to connect to an Open WiFi if they could only set up hardware on their end? It's a local pub, I can't set up equipment there unfortunately. I know the landlord and they are happy for me to connect, but I can't go setting any equipment up there. Is a Yagi the best bet?
  15. 0phoi5
    Hey all, Is this product any good for long-distance use of an open WiFi hotspot? https://www.ubnt.com/airmax/nanobeamm/ There are around 10 houses between me and the Open Wifi hotspot, however this thing states it can do 15km and the hotspot is only around 2-3km away. I could probably raise it high enough to see over the top of a few of the houses. Ta.
  16. 0phoi5
    Hi selectyjc, If you post in the Trading Post, some kind soul might post one to you for a small fee.
  17. 0phoi5
    Hi all, I'm looking to make a script, in either batch or Powershell, that will give a user access to a folder and all folders leading down to it. So, it would; Ask for input of Active Directory UserID Ask for input of a folder path List all of the security groups for the first folder in the path and allow selection of which one the AD UserID will be added to. List all of the security groups for the second folder in the path and allow selection of which one the AD UserID will be added to. List all of the security groups for the third folder in the path and allow selection of which one the AD UserID will be added to. etc. So, if user JBLOGGS wanted access to folder '\\Here\There\Everywhere', the script would; List the security groups for the folder '\\Here' and prompt for which AD group to add user JBLOGGS to. List the security groups for the folder '\\Here\There' and prompt for which AD group to add user JBLOGGS to. List the security groups for the folder '\\Here\There\Everywhere' and prompt for which AD group to add user JBLOGGS to. Note - The security groups for a folder are normally viewable in Windows by right clicking in a folder and going to 'Properties > Security > Group or user names' Hopefully this makes sense, if not please let me know. Please note that I understand the script for adding a user to an AD group, that's easy. The struggle is getting a script to prompt which security group for each level of the folder path the user should be added to. Thank you in advance.
  18. 0phoi5
    Hi, I'm considering buying a Mark V, however I wanted to get some idea of the setups people are using for distance. I assume the standard setup won't do more than 50 meters or so (obviously depending on open spaces, dense materials in the way, etc.) What kinds of aerials are you using, and what kinds of distances have you acheived? Thanks.
  19. 0phoi5
    Ha!
  20. 0phoi5
    This, unfortunately. Take it as a good opportunity to pentest 3 smart TVs, 8 printers, 1 apple TV and a bunch of mobile phones/computers owned by loose University girls.
  21. 0phoi5

    USB Phishing

    0phoi5 replied to FlashB's topic in Questions

    Made my day *edit* I'd class myself as security/IT savvy, and even I'd be tempted to click on that. Gotta be worth a try.
  22. 0phoi5
    I would guess this. But then I just work here, so meh. I don't think our India guys have much access to do anything anyway, so it wouldn't cause much of a security problem.
  23. 0phoi5
    How else would you advise a user of their password, if they are based in another country and don't have access to the Active Directory? Phone call? Not any safer.
  24. 0phoi5
    Hi all, Interesting read for you, on thehackernews.com; British Intelligence is Legally Allowed to Hack Anyone, Court Says I think we were all already aware of GCHQ's ability to ignore people's (supposed) right to anonymity, but my question is, how would you personally defend against them? What advice / programs / actions would you take in order to ghost yourself away from this agencie's prying eyes, in particular the points quoted above?
  25. 0phoi5
    Hi all, One of my colleagues managed to lose the key for his desk today. We therefore had to 'improvise' to get it open. Thought I'd share this website, as it's a fantastic resource for lock picking tips, tricks and home-made tools. Check out all of the pages listed at the bottom of the site, under 'Links & Notes'. Enjoy.
×
×
  • Create New...