[ FortaliceLLC, Fortalice Solutions ]
NTLM Relaying to SCCM for the win. Fortalice's @Tw1sm just added SCCM support to NtlmRelayX. Check out the PR at: https://t.co/hWfNeiuqxp
https://github.com/SecureAuthCorp/impacket/pull/1425
[ tweet ]
[ mpgn_x64, mpgn ]
New update on CrackMapExec
➡️ Upload/download with MSSQL -guervild
➡️ Exploit KeePass (discover, trigger) @d3lb3_
➡️ ACL read with LDAP @BlWasp_
➡️ Check ntlmv1 (postex) @Tw1sm
➡️ Check alwayselevated (postex) -bogey3
➡️ Improved export on cmedb @gray_sec
[ tweet ]
[ snovvcrash, sn🥶vvcr💥sh ]
Based on @dec0ne's work on ShadowSpray I've pushed a small update to #pywhisker of @_nwodtuhs and @podalirius_ implementing the "spray" action. Now you can pass a list of users and try to add the same Shadow Credentials for each of them with pywhisker from Linux
[ tweet ]
[ zux0x3a, Lawrence 勞倫斯 ]
Ported the pascal version to C#, and becomes even better while smuggling the payload using Created Service DisplayName
https://t.co/EhR9yNybF2
what's new? => https://t.co/t7Tkv2AW4O
https://github.com/0xsp-SRD/0xsp.com/tree/main/chopper
https://ired.dev/discussion/13/chopper-payload-smuggling/p1?new=1
[ tweet ]
[ 0xdf_, 0xdf ]
Perspective from @hackthebox_eu is all about exploitation of an ASP.NET application. There's file read, ssrf, cookie signing, crypto, deserialization, and much more. Beyond Root has JuicyPotatoNG that's almost blocked but not.
https://0xdf.gitlab.io/2022/10/15/htb-perspective.html
[ tweet ]
[ dr4k0nia, dr4k0nia ]
Time for another blog post :) This time I'm writing about building my own string encryption obfuscator in C#. Featuring a simple XOR based cipher and unique per string encryption keys. Works from .NET Framework 4.6+ up to latest .NET
https://t.co/htjR6XdS1Q
https://dr4k0nia.github.io/dotnet/coding/2022/10/15/Encrypting-Strings-In-NET.html
[ tweet ]
[ zux0x3a, Lawrence 勞倫斯 | لورانس ]
https://t.co/QOrhGwKctm
CredUI shellcoder runner shared!
https://ired.dev/discussion/comment/4/#Comment_4
[ tweet ]
[ dr4k0nia, dr4k0nia ]
Alongside my latest blog post about string encryption in .NET I'm also releasing the source code of my string encryption obfuscator. https://t.co/eQVP1ZVAjt
https://github.com/dr4k0nia/XorStringsNET
[ tweet ]
[ 424f424f, rvrsh3ll ]
Minor update to my BOF_Collection to make compiling a bit easier. https://t.co/SP7Bp4QTxg
https://github.com/rvrsh3ll/BOF_Collection
[ tweet ]
[ ORCx41, ORCA ]
Ever wanted to run your payload without being boring? Here you go ...
https://t.co/FmMEwiGWKV
https://github.com/ORCx41/NoRunPI
[ tweet ]
[ 424f424f, rvrsh3ll ]
A shellcode loader in the @MicrosoftStore? What could go wrong.
https://t.co/V8M5iqHu9t
https://apps.microsoft.com/store/detail/shellcode-loader/9P6M7GWNH769
[ tweet ]
[ _Wra7h, Christian W ]
Found a reason to write PEResourceInject in C# this weekend. Here's the gist: https://t.co/AmfdkWzFZN
https://gist.github.com/Wra7h/65f52dc325a215227daa312a2e54a0a5
[ tweet ]
[ bugch3ck, Jonas Vestberg ]
Making an old private project public. No news, just a merge of SweetPotato by @_EthicalChaos_ and SharpSystemTriggers/SharpEfsTrigger by @cube0x0.
https://t.co/EIX4QWoRLP
https://github.com/bugch3ck/SharpEfsPotato
[ tweet ]
[ CaptMeelo, Meelo ]
Got some time over the weekend to make a new post. Here you go.
#redteam #maldev #pentest
https://t.co/Qlyc6A7YEf
https://captmeelo.com/redteam/maldev/2022/10/17/independent-malware.html
[ tweet ]
[ n00py1, n00py ]
Blue Teams turn for shellz
https://t.co/8L5t9N5w5H
https://github.com/its-arun/CVE-2022-39197
[ tweet ]
[ filip_dragovic, Filip Dragovic ]
PoC for CVE-2022-3368, arbitrary file move bug I found in Avira Security.
https://t.co/MRewhiDit4
https://github.com/Wh04m1001/CVE-2022-3368
[ tweet ]
[ dafthack, Beau Bullock ]
Finding cleartext creds in AD user attributes is something that happens more than most might think. Great demo John! Here's a 1-liner to find these while leveraging PowerView:
https://t.co/ZItkN8BjZ9
And here's one for Azure AD:
https://t.co/IcCHRYPrE5
https://gist.github.com/dafthack/5f8c36f7468fad991e9e1f6d81ec29d4
[ tweet ][ quote ]