all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

PXEThief - Set Of Tooling That Can Extract Passwords From The Operating System Deployment Functionality In Microsoft Endpoint Configuration Manager

Add to bookmarks
Jan. 3, 2023, 11:30 a.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


PXEThief is a set of tooling that implements attack paths discussed at the DEF CON 30 talk Pulling Passwords out of Configuration Manager (https://forum.defcon.org/node/241925) against the Operating System Deployment functionality in Microsoft Endpoint Configuration Manager (or ConfigMgr, still commonly known as SCCM). It allows for credential gathering from configured Network Access Accounts (https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/hierarchy/accounts#network-access-account) and any Task Sequence Accounts or credentials stored within ConfigMgr Collectio n Variables that have been configured for the "All Unknown Computers" collection. …

configuration configuration manager deployment endpoint endpoint configuration manager extract manager microsoft operating system passwords privilege escalation python registry registry key system tooling windows

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

VectorKernel - PoCs For Kernelmode Rootkit Techniques Research 13 hours ago | www.kitploit.com
64bit api education kernel +17
Cookie-Monster - BOF To Steal Browser Cookies & Credentials 1 day, 13 hours ago | www.kitploit.com
cookie-monster passwords processes python +2
NoArgs - Tool Designed To Dynamically Spoof And Conceal Process Arguments While Staying Undetected 2 days, 13 hours ago | www.kitploit.com
mechanism microsoft mimikatz noargs +3
Frameless-Bitb - A New Approach To Browser In The Browser (BITB) Without The Use Of … 3 days, 13 hours ago | www.kitploit.com
frameless-bitb scanners scripts subdomains +2
Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking 4 days, 4 hours ago | www.kitploit.com
analysis beginners cracking infosec +11
Porch-Pirate - The Most Comprehensive Postman Recon / OSINT Client And Framework That Facilitates The … 6 days, 13 hours ago | www.kitploit.com
api api endpoints automated client +20
APKDeepLens - Android Security Insights In Full Spectrum 1 week ago | www.kitploit.com
android security apkdeeplens mobile security vulnerabilities +1
RemoteTLSCallbackInjection - Utilizing TLS Callbacks To Execute A Payload Without Spawning Any Threads In A … 1 week, 1 day ago | www.kitploit.com
academy anti-debugging api home +8
Sicat - The Useful Exploit Finder 1 week, 2 days ago | www.kitploit.com
exploit finder metasploit modules reconnaissance sicat

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cybersecurity Consultant- Governance, Risk, and Compliance team

@ EY | Tel Aviv, IL, 6706703
View on infosec-jobs.com

Professional Services Consultant

@ Zscaler | Escazú, Costa Rica
View on infosec-jobs.com

IT Security Analyst

@ Briggs & Stratton | Wauwatosa, WI, US, 53222
View on infosec-jobs.com

Cloud DevSecOps Engineer - Team Lead

@ Motorola Solutions | Krakow, Poland
View on infosec-jobs.com
View more jobs