A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


From Broadcast to Totally Pwned - (BSides Knoxville 2015) (Hacking Illustrated Series InfoSec Tutorial Videos)

From Broadcast to Totally Pwned

Russel Van Tuyl, Matt Smith

BSides Knoxville 2015

This talk covers two methods used by penetration testers to pwn

From Broadcast to Totally Pwned:
Network broadcast traffic such as NetBIOS and LLMR are often ignored or unknown. This portion of the presentation divulges my 'one trick pony' move to pwning networks by exploiting broadcast traffic. This attack hones in on a Microsoft built-in 'feature' for automagically configuring proxies. By simply responding to broadcast messages you can retrieve password hashes with no user interaction required.

From Pastebin to Totally Pwned:
This presentation follows the path of a real penetration test performed against a customer in the past year. Starting with a seemingly obscure Pastebin entry discovered by the test team, it led to the compromise of an Internet-facing email server. Did the team then pivot through the server to compromise the customer's internal network?

Back to BSides Knoxville 2015 list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast