Taking the relaying capabilities of multicast poisoning to the next level: tricking Windows SMB clients into falling back to WebDav 文章介绍了一种通过本地名称解析中毒攻击Active Directory环境的方法。当Windows SMB客户端遇到特定错误时（如STATUS_LOGON_FAILURE），它会回退到WebDav HTTP客户端进行认证。这使得攻击者能够更有效地进行NTLM和Kerberos中继攻击，特别是针对LDAP和ADCS服务。... 2025-2-26 00:0:25 | 阅读: 4 | 收藏 | 0day Fans - www.synacktiv.com client idonotexist poisoned webdav windows

LSA Secrets: revisiting secretsdump 文章介绍了Windows和Active Directory安全评估中提取敏感信息的方法。传统工具secretsdump.py因易被检测而改进为regsecrets.py，通过Registry服务提取信息并避免写入磁盘。新增dpapidump.py脚本优化了DPAPI密钥和SCCM信息的收集。强调安全产品应依赖通用 heuristic。... 2025-2-20 00:0:35 | 阅读: 7 | 收藏 | 0day Fans - www.synacktiv.com security secretsdump hives windows

利用多播中毒进行预认证的Kerberos中继攻击 A few years ago, James Forshaw discovered a technique allowing to perform Kerberos relaying over HTT... 2025-1-31 05:41:24 | 阅读: 8 | 收藏 | 玄武实验室每日安全 - www.synacktiv.com relaying client attacker llmnr

Abusing multicast poisoning for pre-authenticated Kerberos relay over HTTP with Responder and krbrelayx A few years ago, James Forshaw discovered a technique allowing to perform Kerberos relaying over HTT... 2025-1-26 23:59:5 | 阅读: 3 | 收藏 | 0day Fans - www.synacktiv.com relaying client attacker llmnr

I hack, U-Boot U-Boot specificitiesDas U-boot, the Universal Boot Loader, or U-Boot, is a bootloader for embedded... 2024-5-25 14:55:18 | 阅读: 14 | 收藏 | Over Security - Cybersecurity news aggregator - www.synacktiv.com memory autoboot depthcharge presskey mmc