HerrDoktor

  1. After using MITMf for a while on my Kali Linux machine, I'm wondering whether it would be feasible to use it on a Bash Bunny. You'd have to be able to pull things like the gateway and DNS server automatically, but beyond that the only problem I can think of is the complex dependencies for MITMf. Thoughts?
  2. I love that the first bit of the article includes this: "Past experience tells me that Microsoft doesn't always properly patch the vulnerabilities correctly." I remain convinced that it is possible to make a Bash Bunny rogue DC, and that it could yield interesting insights. Luke Jennings mentions: "Even on Vista/2008 onwards, user settings group policy can be exploited if you know a user’s password to conduct a form of privilege escalation to gain SYSTEM on domain members. Microsoft have shown no intention thus far of providing a control to protect against this." https://labs.mwrinfosecurity.com/blog/how-to-own-any-windows-network-with-group-policy-hijacking-attacks/ I'm amazed that there hasn't been more talk about this.
  3. This is a challenge to whoever will take it (I've noticed some OPs languishing for lack of ideas, but I'm an OP languishing for lack of skill). After seeing the capabilities of Ian Haken's BlueBox (https://github.com/JackOfMostTrades/bluebox), I was inspired to find a way to port it or remake it for the Bash Bunny. Seeing that Microsoft "patched" the vulnerabilities exploited by the BlueBox, I'd like to see what else could be gained by plugging a rogue DC into a locked computer. The challenge is to make a Bash Bunny payload that mimics an easily configurable domain controller to accomplish things like:
     - Lockscreen bypass
     - User-to-Admin Privilege Escalation
     - Arbitrary registry edits via Group Policy

     See also: https://www.blackhat.com/docs/us-16/materials/us-16-Beery-The-Remote-Malicious-Butler-Did-It-wp.pdf