I was in the middle of something in another room and it occurred to me that this familiar expression could be adapted for ADHD: A watched pot never catches fire. Good reminder to exercise a little extra caution in the everyday tasks that get boring but are still dangerous if you get complacent. Driving, cooking, poking around in a running computer with screwdriver even though you know you should shut it off, that sort of thing.

Now if you'll excuse me, I should get back to cooking breakfast before the "food is done" alarms start going off throughout the building.

cross-posted from: https://lemmy.world/post/3494377

Took a while to get here, any ideas for what to do with it?

[Edit: Image broke so I've hosted it elsewhere.]

Took a while to get here, any ideas for what to do with it?

[Edit: Image broke so I've hosted it elsewhere.]

User @soraya@lemmy.world (Soraya Pepe) is advertising a forum service as well as a booking site where you can order donuts* that they'll deliver to your hotel room. They are using bit.ly links to obscure links to their forum topics in community sidebars as well. These communities are !free@lemmy.world and !woman@lemmy.world.

@comcreator@lemmy.world has created 80+ communities here, most of which are empty save for a "Looking for moderators" post. Some have 0-3 posts which are nearly all from the creator and a couple have some regular user activity.

I recognize that this may not be against the rules as long as it's not simply for the purpose of squatting on a name but is worth observing for future developments. It does not appear that this user intends to actively moderate since they're looking to hand those communities off as soon as they're created.

https://lemmy.world/u/HeGetsUs_ad / https://lemmy.world/c/hegetsus

"He Gets Us" advertising campaign setting up on this instance.

Edit: And it's gone. Thanks!

The image was in one of my old document folders alongside some saved image macros and things. Think he was called Candleman, Candlejack, Candlestick, something like that. I just don't remem-

[Note: The content of this post has been copied from /r/Pentesting in case users wish to continue the discussion during the reddit API price gouging blackout]

Original

Responder and NTLMRelayx

/u/ j_relic

I’m practicing pentesting using Responder. I’ve watched a few videos on YouTube, but I’m having issues. My setup: Windows Server 2019 VM, Windows 10 VM, and the latest Kali. I used a video to create the vulnerable Active Directory Environment (YouTube, the Cyber Mentor). Responder version 3.1.3.0.

I’ve been unable to capture hashes using LLMNR poisoning. Responder doesn’t send the LLMNR poisoned answer. In fact, the only answer it sends is MDNS.

I’ve also been unable to capture hashes using SMB Relay Attacks (with Responder and ntlmrelayx). According to the video I used, I ran nmap to determine the smb version I have for Windows Server 2019. I have smb3 (3.1.1), and “message signing enabled but not required.”

I made sure to modify any configurations within the Responder.conf file (according to the videos) as needed. Am I having these issues because SMB is version 3, and not 2 like in the videos? The videos are a few years old.

Any help is appreciated. Thanks. I would like to exploit these types of issues within my homelab setup.

/u/Danti1988

In your training environment, you don’t mention how you are generating traffic for responder to respond to. Set a scheduled task to map a network share that has an incorrect host name, dns will fail and fall back to netbios / llmnr and you will get a hash.

/u/ j_relic

Hi sorry about that—according to the video, I tried entering an incorrect share. For example, I typed //kl as the share and hit enter. Unfortunately, I didn’t get the same results as the video. In the video, the hashes are captured immediately. But for me, nothing. Instead, Edge opens up on the VM in an attempt to open the page as a web address that ultimately fails.

/u/Danti1988

Open run or file explorer and type //kl/blah. Also make sure responder is listening on the correct interface and both nics are on the same interface for the vms

/u/ j_relic

Unfortunately, same problem. The LLMNR poison isn’t sent, only MDNS. Responder sees the attempt, but nothing else further. I’ve verified that the interface is correct, and the VMs are on the same interface (for their respective nics). All poisoners are set to “On.”

/u/kaltec

Is the vm network adapter set to bridged mode? Kinda sounds like it might be in NAT

/u/Danti1988

If you type in //kaliIP/ are you seeing the hash? If not, it’s definitely a problem with your set up.

[Note: The content of this post has been copied from /r/Pentesting in case users wish to continue the discussion during the reddit API price gouging blackout]

Original

Pentesting project viability?

/u/ExcidionKahuna

TL;DR: Aspiring pentester/python noob looking for recommendations to optimize recon script written in python to populate an Obsidian vault, link findings efficiently with markdown/obsidian plugins, and wondering if this is would even be useful.

Hey all,

I'm not sure if this would be viable to the community in general, but was wanting some input.

This has been kind of a dream project of mine. I'm no developer, and aspire to be a pentester once my contract with my current job ends.

This is a project in python that will perform all my basic enumeration and execute additional commands and populating an Obsidian vault with the data. It starts with a ping/pingsweep and create a directory for each target. Cue nmap full port scan and create a .MD file for each port. Additional script and service scans on discovered ports, and the output for each port saved to each port file. Follow additional commands to run based on services discovered and saved to their own files. Each command will be piped to a bash script I wrote that will timestamp command output and screenshot it to be rendered in each file.

I know that golang and other languages would be faster for this, but this is a project I am using to learn Python and optimize/automate my notes. I guess this could be simplified as using autorecon and making an Obsidian vault, and doctoring it up with markdown and Obsidian features.

For Obsidian users, do you have any recommendations for markdown syntax I can use to better organize, link or make this project useful? Or any other optimizations you could recommend via python? And is this something anyone would actually like to see or even care about?

/u/frenchfry_wildcat

This is absolutely possible and essentially how the “automated pentest” platforms work (such as Penterra)