Having read a few articles about the restricted-admin mode on RDP I decided to give this ago to make sure I had all the tools in order to use this attack. I installed a machine with windows server 2012 R2 edition and enabled RDP. Then I dumped the hashes from the box as shown here… Continue reading Pass The Hash RDP (Windows 2012 R2)
Enabling Oracle Support in Metasploit on Kali Linux Hey Again, (Update for Kali Linux) So the other week I was having major issues with my Oracle tools and could not get the latest version of Metasploit to fire exploits or auxiliarys at any Oracle service. I spent lots of time browsing the internet for forums… Continue reading Enabling Oracle Support in Metasploit on Kali Linux
Hey Guys, Here is a few tweaks that I have found from various posts on the internet. It allows you to tweak your msfconsole to look differently and tell you important information on the fly whilst hacking: What you LHOST IP address is How many jobs are running How many exploits are running Date/Time To configure this… Continue reading Metasploit Resource Scripts and Startup Tweaks
Happy New Year! Its been bugging me for a while now that Ubuntu have removed the support for SSLv2 in Openssl as standard. If you are unsure whether your openssl has support for SSLv2 try running a simple sslscan on your own Apache server like this below: Once you are sure your openssl is not compiled to… Continue reading Enabling SSLv2 for Ubuntu 11.10 & 12.04
Hey Guys, I was messing with file permissions on windows the other day and needed a quick way to obtain file permissions on certain directories or complete drives without the need to upload new tools etc. Also I wanted the output in an easy, readable manor so I thought CSV would be a good way… Continue reading Simple but Effective CACLS on Heat with PowerShell (PS)
Hey Everyone, Firstly I would like to say that I did not find this vulnerability, I mearly coded a working exploit that allowed full pwnage and meterpreter shell to the targeted system. The way in which the exploit works is by telling the service that it requires an update and you supply the installation executable… Continue reading HP DataProtector <= v6.20 Vulnerability
So, Recently I have spent alot of time on Local Lockdown testing and 98 times out of a 100 they allow VBScript to be run. Very bad mistake. With VBScript it is possible to do lots of wonderful this that a normal locked down user wouldn’t, i.e. Access Registry Execute Programs Get File Permissions Query… Continue reading VB Script!