Onsite

Gaining Access Thomas and 3 Guest Speakers, was really cool and from TLP:WHITE till TLP:AMBER. https://de.wikipedia.org/wiki/Traffic_Light_Protocol sha256: 282a248093ba223dd37dbfcdb23670d17b378db83ae1e656ffb1e19be2281628

SPF/DKIM/DMARC SPF Sender Policy Framework Whitelisting of Mail Senders (resp. their MTA) # SPF Record stoege@cas-puffy RD:0 $ dig txt ost.ch +short "v=spf1 mx a:smtp01.ost.ch a:smtp02.ost.ch a:smtp03.ost.ch include:spf.protection.outlook.com -all" "atlassian-domain-verification=mAHOHBOXxMe1UY/dDOFAqWSzeWJyoFosKuUf0NbaXHjWQcQOedw8QsLnPhPTF+pU" "MS=ms41259948" "google-site-verification=uXsX_aEfoeSpZ9tzZgcmmRCl99PcBClh8usP1_eoLDM" "QuoVadis=f5454eb2-12d3-4af4-8db6-173f2d4c8e67" "have-i-been-pwned-verification=9e7ce5e8d1af7986d410ec1f1991a6e7" "" # Hosts stoege@cas-puffy RD:0 $ dig +short smtp01.ost.ch smtp02.ost.ch smtp03.ost.ch 146.136.105.31 195.176.16.73 152.96.81.81 # Include MSFT stoege@cas-puffy RD:0 $ dig +short txt spf.protection.outlook.com "v=spf1 ip4:40.92.0.0/15 ip4:40.107.0.0/16 ip4:52.100.0.0/14 ip4:104.47.0.0/17 ip6:2a01:111:f400::/48 ip6:2a01:111:f403::/48 include:spfd.protection.outlook.com -all" DKIM Signature of Mail Headers

2nd. Day at Ost … and it was cold again and i went by motorbike … brrrrr … Protocols for Tunneling outgoing Traffic ssh netcat -> tcp socket http https icmp smtp citrix Teams, Skype, Lync DNS Tunneling attacker --- www --- fw --- company --- AD (DHCP/DNS) |-------- Exchange Let’s start with DNS Tunneling FQDN Max Length: 255 char (RFC 1035) iodine -> DNS Tunneling over IP, Part on Kali -> give a try … Exfiltrate Traffic Recursive DNS RCE Webshell Bindshell -> new Port Bindshell -> same Port -> easy to detect Reverse Shell Netcat nc.

First Day First Day onsite. Looking forward for some interesting Moments and Month … Prüfung: 2h Theorie, zählt 50% 5h Lab, zählt 50% -> gibt Gesamt Note für’s Zeugnis Masstab für “6er” liegt bei ca. 80%, bei der Praxis etwas tiefer ;) Präsens Unterricht Freitag: Schule plus 6 Tage: Q/A plus 13 Tage: Abschluss Übungen 14 Tage: nächster Schultag Assignments Ausgabe: Tag xxx plus 1.5 Woche Zeit und dann am Dienstag 17-18 Uhr Sprechstunde

Onsite Schultage: Freitag, 08:30 - 17:00, OST Rapperswil Datum Typ Modul Detail Dozent 08.10.2021 Unterricht Reconnaissance 1/2 CAS Start Ivan Bütler 22.10.2021 Unterricht Reconnaissance 2/2 Network Scanning Ivan Bütler 05.11.2021 Unterricht Man-in-the-Middle Spoofing, Phising Ivan Bütler 03.12.2021 Unterricht Gaining Access Explotation, Attack Thomas Röthlisberger 17.12.2021 Unterricht Maintaining Access C & C Thomas Röthlisberger 07.01.2022 Unterricht Lateral Moveement WinAttackLab Thomas Röthlisberger 11.02.2022 Unterricht Disk & Network Forensics Imaging, Sleuth, … Raphael Rosenast 25.