Check Your Privilege(s): Futzing with File Shares for low hanging fruit

No ratings

Presented at hack3rcon 2014 by

Adrian Crenshaw

Many vulnerability only last till they are patched, misconfiguration last forever. Sure, you can elevate to root/Domain Admin, but sometime you can get to the data anyway because it is already served up on a platter. This talk will cover why so many file shares are misconfigured, best ways to scan for them, and how to grep for critical data once you are there.