Advanced Search
Search Results
166 total results found
Clustering: Same ZFS Pool on All Nodes
Example Environment I keep my VM and container guest disks stored on a ZFS share attached to the ZFS pool, rackdrives. Now that I have created a cluster, I want to be able to live migrate VMs and replicate containers between all three nodes. When I c...
NFS: LXC Backups Permissions Issue (Synology)
The Issue INFO: starting new backup job: vzdump 204 --remove 0 --compress zstd --mode snapshot --storage Backups --notes-template '{{node}} - {{vmid}} - {{guestname}}' --node proxmox-g4 INFO: Starting Backup of VM 204 (lxc) INFO: Backup started at 2023-01-2...
Create New Key Pair for SSH
Create the Key Pair Bash # No comment, no password on key file, output to current directory as my_ssh_key ssh-keygen -t rsa -b 4096 -C "" -f "~/my_ssh_key" -N "" PowerShell # No comment, no password on key file, output to current directory as my_ssh_key ...
Create Self-Signed TLS Certificates
When You Should Do This If you have an internal/demo/test server where you'd like to encrypt traffic between a client and server, you can create a self-signed certificate. This is not good practice for production servers. Whenever possible, you should request...
XRDP Server on KDE Plasma
Install and Configure XRDP # Install xRDP server sudo apt update && sudo apt install -y xrdp dbus-x11 # Add self-signed certificate sudo rm /etc/xrdp/cert.pem /etc/xrdp/key.pem sudo openssl req -new -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out /e...
Troubleshooting
Hosts Enrolling with Empty Data In my testing, the way to reproduce the issue is: Remove a host using the Fleet UI The host should automatically re-enroll after a short time as pulses regularly check-in with the Fleet DM server When the endpoint auto...
IMAP
Create the Config File nano ./username-muttrc You should only need to change the username, password, and domain.tld entries to their respective values according to your user authentication information. set my_mailproto="imap" set my_mailuser="username" se...
POP3
Create the Config File nano ./username-muttrc You should only need to change the username, password, and domain.tld entries to their respective values according to your user authentication information. set my_mailproto="pop" set my_mailuser="username" set...
Configuring 802.1q VLANs
Tagged vs Untagged Untagged If a port is marked as untagged on a VLAN ID, then this denotes the port is an access port on that VLAN. For example: The native VLAN ID is 1 You have a VLAN ID of 1028 Port 24 on a switch has been untagged on VLAN 1028 ...
Have I Helped You Today?
The goal of this blog is to share technical and educational content that is well-documented, easy-to-read, and free and open. I would be immensely grateful if you would consider contributing even a small amount if you have found anything on my blog to be part...
Multipart Forms and Boundary Parameters
Multipart/Form-Data Example Example Web Form Consider the following web form... File Upload Form HTML <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> ...
PowerShell: Adding Registry Hives
Get-PSDrive -PSProvider Registry Name Used (GB) Free (GB) Provider Root CurrentLocation ---- --------- --------- -------- ---...
NULL Session Enumeration (Internal/External)
NULL Session LDAP, SMB, and RPC may allow a user to authenticate to the service without providing a credential. Depending on the configurations of these services, you may be able to enumerate a great deal of information about resources on the domain with very...
AS-REP Roasting (Internal/External)
AS-REP Roasting If Kerberos pre-authentication is disabled on a user account in Active Directory, this will enable an attacker to forge a request for a TGT as this specific user. This is because, pre-authentication -- when enabled -- requires the user to hash...
NTLM Credential Stuffing (Internal/External)
NTLM Basic Authentication Could obtain a list of usernames via OSINT, or via something like RID cycling from a foothold. Might be able to find a common default credential in a prior breach dump, phishing, or some other reconnaissance The NTLM-authenticate...
Pass the Ticket
Anatomy of a Kerberos Ticket [0;97d82]-2-0-40e10000-t2_felicia.dean@krbtgt-ZA.TRYHACKME.COM.kirbi |_______| ^ |________| |_____________| |_____________________||_____| | | | | | |______file extension ...
Pass the Key
Kerberos Encryption Keys Policies on the domain controller will dictate which encryption algorithms can be used by domain-joined hosts. Dump Encryption Keys Mimikatz mimikatz # sekurlsa::ekeys Example Output This host is using the rc4 and aes256 algo...
Volatility
Downloading Volatility Download the standalone executable based on your operating environment: Linux Mac OS Windows The latest version of Volatility can be downloaded here: https://www.volatilityfoundation.org/releases Usage Overview Taken from m...
Change Default User Account
Running this on a fresh Kali installation. Login as kali user and run these commands to add a new default user: # Specify the username for your new user account username=<your_username_here> # Specify that the user login shell will be zsh user_shell=$(whic...
Change to KDE Plasma Desktop Environment
Installing KDE Plasma Official Documentation: https://www.kali.org/docs/general-use/switching-desktop-environments/ Some deviations from the procedure for me: Run sudo apt install -y kali-desktop-kde, choose sddm Run sudo apt remove --purge --auto-remove...