Preview Mode Links will not work in preview mode

7 Minute Security

Sep 15, 2023

In today's tale of pentest pwnage we talk about:

  • The importance of local admin and how access to even one server might mean instant, full control over their backup or virtualization infrastructure

  • Copying files via WinRM when copying over SMB is blocked:

$sess = New-PSSession -Computername SERVER-I-HAVE-LOCAL-ADMIN-ACCESS-ON -Credential * 

...then provide your creds...and then:

copy-item c:\superimportantfile.doc -destination c:\my-local-hard-drive\superimportantfile.doc -fromsession $sess 
  • If you come across PowerShell code that crafts a secure string credential, you may able to decrypt the password variable with: