-
#psexec trick for enabling RDP remotely: psexec \\dnsname-or-ip reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f -
The
#Petya sample contains 4 resources, all zlib compressed. 3 PE files. 3th is#psexec version 1.98 with valid signature. pic.twitter.com/LnxWpIfKlV
-
Nice
#Powershell alternative to using#PsExec from@mkellerman to escalate to SYSTEM with a Scheduled Task on a local or remote computer https://github.com/mkellerman/Invoke-CommandAs … -
#Tshark one liner to get the full#psexec line to create a service from a packet capture because getting the info out was a PITA tshark -n -r powershell.pcap -Y svcctl.binarypathname -T fields -e svcctl.binarypathname pic.twitter.com/0STzxa0kbI
-
#NonPetya using#mimikatz and#PsExec for lateral movement pic.twitter.com/glNbdrkMyp
-
To uninstall a product using
#PowerShell you can do it via WMI/CIM in 1 line (better in 2 - query first & call if not null) (Get-WmiObject -Class win32_product -Filter "Name = 'ControlUpAgent'").UnInstall() Remote it with -ComputerName or with wmic.exe via@SysInternals#psexec pic.twitter.com/rDmTCy2bBb
-
RemCom - Remote Command Executor: A OSS replacement for PsExec and RunAs http://buff.ly/28LxID7
#psexec pic.twitter.com/WqpACssCam
-
6 new free
#sigma rules are out today to detect#OrangeWorm C2, RDP via#psexec and#Vshadow +#DiskShadow attack for Microsoft Active Directory. All mapped to@MITREattack download here: https://tdm.socprime.com/sigma/@cyb3ropspic.twitter.com/cpoH1BoyL7
-
"Despite the wealth of lateral movement tools similar to PsExec, an evergreen tactic for detecting these tools is to hunt for outlying named pipes used by processes on your Windows endpoints," wrote
@ForensicITGuy on detecting#PsExec and similar tools. https://hubs.ly/H0fYcdZ0 -
yet another huge attack? this time WMIC&PsExec? seems no
#EternalBLue exploit is needed to spread it world wide#WannaCry#Petya#PsExec pic.twitter.com/DbjtZvtuRJ
-
-
2/ Here are some screenshots of
#MicrosoftATA catching#PSEXEC (Also starring: our handsome R&D manager) pic.twitter.com/FPB627HWWM
-
I'm just saying that none of those tools (and half of our world) would be available w/o the
@markrussinovich 's#psexec https://twitter.com/x0rz/status/874658013189111810 … -
Psexec: The Ultimate Guide by
@adbertram | Learn how to download psexec, launch a psexec remote cmd, cover psexec examples and how to use psexec and PowerShell together! http://bit.ly/2LDGIPS#PsExec#UltimateGuide Please RT if you like it!pic.twitter.com/ktAeADZUKZ
-
New post on remoting: Psexec is Dead http://bit.ly/1tuboQx
#psexec RTs are appreciated! -
#APT Most Popular Tools (by # of mentions in M-Trends 2015 report): 1.#PowerShell (25) 2.#Mimikatz(10) 3.#Psexec (7) 4.#Metasploit(6) -
Got
#Windows#credentials and want to know how to use those without getting caught? "Using Credentials to Own Windows Boxes" by@ropnop, explains that & how#psexec,#wmi,#wmirm internals work. https://blog.ropnop.com/using-credentials-to-own-windows-boxes/ … https://blog.ropnop.com/using-credentials-to-own-windows-boxes-part-2-psexec-and-services/ … https://blog.ropnop.com/using-credentials-to-own-windows-boxes-part-3-wmi-and-winrm/ …#securitypic.twitter.com/nJaW3zoFGI
-
psexec command: Not Your Daddy’s
#Psexec https://www.pentestgeek.com/2013/01/10/psexec_command-not-your-daddys-psexec/ … -
Legacy remoting tech. ? Buuuuuuh .....
#psexec@Kaczenski#cimlingenpic.twitter.com/21ueC9ZfMm
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.