Capture the POST request Start Burp and go to Proxy tab and then Open Browser. For now you can keep the Intercept option off. In the browser go to the target login page, enter some username and password and before Continue reading Burp Intruder to brute-force login form with CSRF
Enable Service AccountNavigate through Cloud Build > Settings.Under Service account permissions, make sure both Cloud Run and Service Accounts are enabled Create a Google Service AccountNavigate through IAM & Admin > Service Accounts > click on CREATE SERVICE ACCOUNT Give Continue reading Deploy to Cloud Run using GitLab CI
Using Github Action and some simple SSH commands you can deploy your new scripts/content to the server. Here are the steps: Generate SSH key pairWe’ll be using SSH connection and Shimataro’s Install SSH Key for our setup. The first step Continue reading Deploying to a server in a Github action push
The very first step will be to extract the NTDIS database from the domain controller. If you have admin access to the DC it is easy, if don’t you can use Metasploit or some other techniques. In our example, we have Continue reading AD password audit with Kali linux
Install the necessary packages # yum install authconfig krb5-workstation pam_krb5 samba-common oddjob-mkhomedir sudo ntp samba-winbind-modules samba-winbind Run authconfig to setup the initial authentication configuration authconfig –disablecache –enablewinbind –enablewinbindauth –smbsecurity=ads –smbworkgroup=ITSOL –smbrealm=ITSOL.BIZ –enablewinbindusedefaultdomain –winbindtemplatehomedir=/home/teleena.local/%U –winbindtemplateshell=/bin/bash –enablekrb5 –krb5realm=ITSOL.BIZ –enablekrb5kdcdns –enablekrb5realmdns –enablelocauthorize –enablemkhomedir Continue reading Configure CentOS to authenticate to AD
If you try to start a task you’ll get: Operation: Start Task Status code: 503 Status message: Service temporarily down In /var/lib/openvasmd.log you can find something like this: lib serv:WARNING:2016-09-02 08h21.18 UTC:4546: Failed to shake hands with peer: The TLS Continue reading OpenVAS – Status code: 503, Status message: Service temporarily down
I few days ago I noticed that account Administrator is locked-out few times and the source is machine called Windows7 or FreeRDP. Very suspicious, at first domain Administrator is not in use, and second the name of the machine. I Continue reading Account lockout in AD – workstation Windows7, FreeRDP
As a general rule SNMP community string should be changed as soon as possible on corporate environment, but in fact it is not. There is a simple way to check whether or not this is done with the help of Continue reading Check for default SNMP community with Metasploit
If you have access to the server but you would like to recover sa password or a user’s password you can use this simple technique: On the server execute SELECT password_hash FROM sys.sql_logins where name=’sa’ The output will look like Continue reading MS SQL 2012/2014 password recovery for user
We are using PRTG to monitor our system and decided to add a new sensor for our Postfix mail server. After a bit of searching, I found this nice howto for Zabbix and I did a small modification on the scrip to Continue reading Postfix statistical graphs using passive checks for PRTG