集群式故障点——攻击 Windows 服务器故障转移集群.pdf

《集群式故障点——攻击 Windows 服务器故障转移集群.pdf》由会员分享，可在线阅读，更多相关《集群式故障点——攻击 Windows 服务器故障转移集群.pdf（138页珍藏版）》请在三个皮匠报告上搜索。

1、#BHUSA BlackHatEventsClustered Points of FailureClustered Points of FailureAttacking Windows Server Failover ClustersAttacking Windows Server Failover ClustersGarrett Foster#BHUSA BlackHatEvents12390123456#BHUSA BlackHatEvents12890890678#BHUSA BlackHatEvents#BHUSA BlackHatEvents#BHUSA BlackHatEvents

2、“A set of independent computers that work together to increase the availability of applications and services”#BHUSA BlackHatEventsFile ServerDatabase#BHUSA BlackHatEvents#BHUSA BlackHatEvents“that was weird.”“that was weird.”#BHUSA BlackHatEvents#BHUSA BlackHatEvents#BHUSA BlackHatEvents#BHUSA Black

3、HatEvents#BHUSA BlackHatEvents#BHUSA BlackHatEvents#BHUSA BlackHatEvents#BHUSA BlackHatEvents#BHUSA BlackHatEventsgarrettblackhat:$wmiexec.py cluster.ludus.domain k-no-pass#BHUSA BlackHatEventsgarrettblackhat:$wmiexec.py cluster.ludus.domain k-no-passImpacket v0.13.0.dev0+20250226.212301.ead516a1-Co

4、pyright Fortra,LLC and its affiliated companies-SMB SessionError:code:0 xc00000cc-STATUS_BAD_NETWORK_NAME-Network Name Not Found The specified share name cannot be found on the remote server.garrettblackhat:$#BHUSA BlackHatEventsgarrettblackhat:$wmiexec.py cluster.ludus.domain k-no-passImpacket v0.1

5、3.0.dev0+20250226.212301.ead516a1-Copyright Fortra,LLC and its affiliated companies-SMB SessionError:code:0 xc00000cc-STATUS_BAD_NETWORK_NAME-Network Name Not Found The specified share name cannot be found on the remote server.garrettblackhat:$#BHUSA BlackHatEvents#BHUSA BlackHatEvents#BHUSA BlackHa

6、tEvents#BHUSA BlackHatEvents#BHUSA BlackHatEvents#BHUSA BlackHatEvents#BHUSA BlackHatEvents#BHUSA BlackHatEvents#BHUSA BlackHatEvents#BHUSA BlackHatEvents#BHUSA BlackHatEventsWhy did scheduled tasks Why did scheduled tasks work?work?#BHUSA BlackHatEventsWhy that host?Why that host?#BHUSA BlackHatEve