.

Windows 2008 SP1 - Ways to exploit?

<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Thu Apr 05, 2012 11:19 am

Re: Windows 2008 SP1 - Ways to exploit?

Depends on what they're using for NAC. If its something stupid like MAC addresses, I may try to fire something on the wire to check for someone elses MAC if possible, spoof that, it all depends. To fiddle around and tamper with NAC, it all depends on what I'm doing, what they're using for NAC and so forth. I have PacketFence lying around on a VM machine and have fiddled with it a but have never had to attack this head on... I look for workarounds all the time though ;) Same applies for VLANs (VLAN hopping, trunkspotting (you read it here first from me ;))
<<

knwminus

User avatar

Full Member
Full Member

Posts: 100

Joined: Thu Feb 25, 2010 11:26 pm

Post Thu Apr 05, 2012 11:51 am

Re: Windows 2008 SP1 - Ways to exploit?

sil wrote: I have PacketFence lying around on a VM machine and have fiddled with it a but have never had to attack this head on... I look for workarounds all the time though ;) Same applies for VLANs (VLAN hopping, trunkspotting (you read it here first from me ;))



Um, what?

I have always been curious about the number of companies that actually deploy NAC. I have never seen one in production.
A+ N+ CCNA CCNA:S CNSS 4011 Security+

Next Up: CCNP CCNP:S
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 459

Joined: Thu Mar 03, 2011 3:54 am

Post Thu Apr 05, 2012 11:58 am

Re: Windows 2008 SP1 - Ways to exploit?

sil wrote:...trunkspotting (you read it here first from me ;))


Indeed.  Never heard the term before and Google only has one result for "trunkspotting vlan": this thread haha
GSEC, eCPPT, Sec+
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Thu Apr 05, 2012 3:47 pm

Re: Windows 2008 SP1 - Ways to exploit?

lorddicranius wrote:
sil wrote:...trunkspotting (you read it here first from me ;))


Indeed.  Never heard the term before and Google only has one result for "trunkspotting vlan": this thread haha


I make crap up as I go along. VLANSPOTTING to me is the ability to determine the VLANs used in a network, and which machines in the network are trunked into other VLANs. ;) Those are the ones I like... Trunked VLAN access especially when there is no port security or filtering ;)
Previous

Return to OSCP - Offensive Security Certified Professional

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software