offsec notes

Compromising Terraform infrastructure via tfstate

Link

Hacking Terraform State for Privilege Escalation

What can an attacker do if they can edit Terraform state? The answer should be 'nothing' but is actually 'take over your CI/CD pipeline'.

❤3🐳2

307 views11:02

offsec notes

Impacket Developer Guide

Part 1 - RPC Deep Dive

Part 2 - Finding RPC on the system and some words about (in)security

Medium

Impacket Developer Guide. Part 1. RPC Deep Dive

Learn the basics of RPC, develop a client and server using C++

❤4🤔1🐳1

248 views18:05

offsec notes

MOTW bypass

Package payloads into ISO, IMG, VHD, VHDX, ZIP, 7z, PDF, CAB for MOTW bypass

# Package a payload into an ISO that bypasses MOTW
python PackMyPayload.py payload.exe -o delivery.iso -t iso

# Package into VHD (still unpatched as of 2025+)
python PackMyPayload.py payload.exe -o delivery.vhd -t vhd

Note: As of November 2022, Microsoft patched ISO files to propagate MOTW to inner files. However, VHD/VHDX containers still bypass MOTW. Many organizations also run older Windows versions where the ISO bypass still works.

GitHub

GitHub - mgeeky/PackMyPayload: A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate…

A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, V...

❤4🐳1

86 views08:56

About

Blog

Apps

Platform