SMB vulnerabilities are pretty rare, when they do hit, they often hit big. A couple examples:
• MS06-025 - RCE vulnerability.
• MS08-067 / CVE-2008-4250 - RCE vulnerability exploited by the Conficker worm.
• MS17-010 / CVE-2017-0144 - RCE vulnerability allegedly leaked from the NSA.
While these are getting a bit old, they are still worth looking for, especially on older or unpatched systems.
taken from : [smb-enum]
@AfroSec
• MS06-025 - RCE vulnerability.
• MS08-067 / CVE-2008-4250 - RCE vulnerability exploited by the Conficker worm.
• MS17-010 / CVE-2017-0144 - RCE vulnerability allegedly leaked from the NSA.
While these are getting a bit old, they are still worth looking for, especially on older or unpatched systems.
taken from : [smb-enum]
@AfroSec
0xdf hacks stuff
SMB Enumeration Cheatsheet
SMB enumeration is a key part of a Windows assessment, and it can be tricky and finicky. When I was doing OSCP back in 2018, I wrote myself an SMB enumeration checklist. Five years later, this is the updated version with newer tools and how I approach SMB…
👏3
Valentine's huh? 😂
I think I need a love letter for my one and only...my dearest PC . ❤️
You've been there for me through all the CTFs, late-night hacking, and countless sudo commands.
You're my everything. Thank you for never blue-screening on me (well she did but uk it's called love) 😁
@AfroSec
I think I need a love letter for my one and only...
You've been there for me through all the CTFs, late-night hacking, and countless sudo commands.
You're my everything. Thank you for never blue-screening on me (well she did but uk it's called love) 😁
@AfroSec
😁9❤2
[ linpeas ]
Just a friendly reminder: before running any open-source tools, it's always a good idea to take a moment to audit them first. Even though open-source projects are amazing, sometimes they might have unexpected risks. It's better if you give it a quick view😊
@AfroSec
Just a friendly reminder: before running any open-source tools, it's always a good idea to take a moment to audit them first. Even though open-source projects are amazing, sometimes they might have unexpected risks. It's better if you give it a quick view😊
@AfroSec
YouTube
Why You MUST Audit Open Source Tools Before Use
Last week, a counterfeit version of the widely used open-source script LinPEAS was found to contain a hidden remote logging feature. This discovery highlight...
👍2
Yo, I gotta say this out loud: I am SO in love with this cybersec journey 🙌 This is honestly the best thing that's ever happened to me in life, and am grateful to God for this path. 🙏 Every day is a new adventure, and I’m just excited to be exploring, learning, and growing in this field.
I’m going to keep hustling and exploring all that this amazing world of cybersecurity has to offer. There’s no stopping now let’s go! 🔥💻
Thanks to everyone who’s been part of this journey with me 😊😊😊😊😊 and I’m stoked for what’s next. Let's keep learning, hacking, and growing
#cybersec #husteling
@AfroSec
I’m going to keep hustling and exploring all that this amazing world of cybersecurity has to offer. There’s no stopping now let’s go! 🔥💻
Thanks to everyone who’s been part of this journey with me 😊😊😊😊😊 and I’m stoked for what’s next. Let's keep learning, hacking, and growing
#cybersec #husteling
@AfroSec
🥰6🤗1