Product Cisco Access Point WAP371 Impact Low Fixed Version(s) N/A Affected Version(s) Firmware ≤ 1.3.0.7 CVE Number CVE-2024-20287 DESCRIPTION Presentation Cisco Access Point WAP371 is a product developed
Network Discovery Summary Nmap Network Scan with nc and ping Spyse Masscan Netdiscover Responder Bettercap Reconnoitre SSL MITM with OpenSSL References Nmap Ping sweep (No port scan, No
Pour les pressés cherchant des mots de passe… A exécuter en administrateur : mimikatz # privilege::debug Privilege '20' OK mimikatz # sekurlsa::logonpasswords Authentication Id : 0 ; 515764
CVE-2020-1472 White Paper from Secura : https://www.secura.com/pathtoimg.php?id=2055 Exploit steps from the white paper Spoofing the client credential Disabling signing and sealing Spoofing a call Changing a computer’s AD
xchange your privileges for Domain Admin privs by abusing Exchange. You need a shell on a user account with a mailbox. Exchange server hostname or IP address pth-net
CVE-2021-1675 / CVE-2021-34527 The DLL will be stored in C:\Windows\System32\spool\drivers\x64\3\. The exploit will execute the DLL either from the local filesystem or a remote share. Requirements: * Spooler Service enabled (Mandatory)
This exploit require to know the user SID, you can use rpcclient to remotely get it or wmi if you have an access on the machine. RPCClient rpcclient $> lookupnames john.smith john.smith
Require: SID filtering disabled From the DC, dump the hash of the currentdomain\targetdomain$ trust account using Mimikatz (e.g. with LSADump or DCSync). Then, using this trust key and the domain
