
Questions tagged [windows-server]

The tag has no usage guidance.

1 vote
2 answers
75 views

PHP embedded within PNG is not executing rather rendering in IIS but executes in Apache

I am pentesting a site with all permissions. I have been able to upload a PHP shell embedded within a png image. I have also been able to change the extension of the file like something.php. So my ...
NobinPegasus's user avatar
0 votes
1 answer
54 views

Nexpose reporting ciphers not present in machine

Nexpose reports the following vulnerability: TLS/SSL Server Supports The Use of Static Key Ciphers. Negotiated with the following insecure cipher suites: TLS 1.2 ciphers: ...
Nico Nico Pizza's user avatar
1 vote
0 answers
41 views

Low level privilege assignment using Secedit failed

I, as Administrator, tried to assign Backup privileges to a sample user via secedit command... cmd> secedit /export /cfg config.inf It exported the contents of Local Security Policy (LSP) database ...
Aryan's user avatar
  • 61
1 vote
0 answers
110 views

Pass-the-hash, why do I get a shell with high integrity?

I am testing the security of a Windows Server 2019 machine and have a question about remote access to the machine. The user on the machine has the permission "SeBackupPrivilege". I can ...
EEVV's user avatar
  • 11
0 votes
0 answers
81 views

How to handle Microsoft FTP server being DDoSed

We noticed FTP service going down intermittently in the server and we found an FTP user was used to DDoS the server. Then we deleted the specific user from the server. After that the user "...
Bose's user avatar
  • 1
0 votes
1 answer
142 views

How to protect a local app that acts as a webserver from exploits?

For me building interfaces through HTML / JS frameworks is by far easier than any other framework I have tried in the past. It's also not that strange, as by far the most UIs are based on the web ...
Dirk Boer's user avatar
  • 539
0 votes
0 answers
2k views

Windows Event ID 4624 with Anonymous Logon. Is it safe?

In our SIEM, I saw the following event below. From the image above here is what I'm observing: Successful login noted via eventid 4624 Username used to login was Anonymous logon as indicated by SID ...
Nina G's user avatar
  • 133
4 votes
2 answers
632 views

How to find the process that is running PowerShell commands that appear in Windows Defender

On one of our Windows Datacenter 2016, there's an alert that a trojan is trying to install: The following PowerShell commands are trying to execute at seemingly random hours of the day (always ...
Maxime's user avatar
  • 139
0 votes
0 answers
286 views

How strong is windows firewall on Windows Server 2019?

How strong is Windows Firewall? I have no knowledge on Botnets or how to use them, so I have no way to test Windows firewall's strength. And I believe it would go against the contract I signed with my ...
Azriel Elijay's user avatar
0 votes
1 answer
232 views

Notepad.exe establishing an outbound TCP over port 1025 from Windows using server to a Teradata server, is this unusual?

We have a situation where a user logged into a Windows Server which primarily runs Tableau established an outbound TCP connection over port 1025 where the destination server is part of a Teradata ...
cln6stn's user avatar
0 votes
1 answer
999 views

Cipher Suites settings wrong order?

I'm trying to set up a custom order of TLS cipher suites according to this Microsoft list, on Windows Server 2022 but the outcome is not the one that I was expecting. After using the PowerShell to ...
cadobe's user avatar
  • 3
3 votes
1 answer
303 views

Remote code execution after a valid SMB (net use) password in Windows?

I am doing a capture-the-flag exercise in a Windows scenario. It uses Windows 2016 server. I was able to find the password and I can access the files with a: net use z: \\computer\C$ password /user:...
psico_disk's user avatar
2 votes
1 answer
203 views

Does only having Microsoft Office installed make you vulnerable to the CVE-2022-30190 RCE or having Windows as your OS is enough?

I was wondering whether you need to have Microsoft Office installed to be vulnerable to CVE-2022-30190 RCE. As far as I understand, MSDT is the issue here (the attack vector so to say) and as shown ...
Sir Muffington's user avatar
1 vote
1 answer
1k views

TGS Ticket in Kerberoasting

In Kerberoasting, a user requests a service ticket for any service with a registered SPN, then uses the ticket to crack the service password. But in the Kerberos authentication process, KRB_TGS_REQ request is ...
user10433098's user avatar
0 votes
0 answers
8k views

security certificate does not specify Subject Alternative Names

We have a Windows Server 2016 that we use as a web server hosted on premise and we host numerous web applications under the Default Web Site in IIS. All applications are reached by using the server ...
tnk479's user avatar
  • 101
