PowerShell Remoting from Linux to Windows
https://blog.quickbreach.io/ps-remote-from-linux-to-windows/
https://blog.quickbreach.io/ps-remote-from-linux-to-windows/
Deconstructing Fileless Attacks into 4 Underlying Techniques
https://blog.minerva-labs.com/deconstructing-fileless-attacks-into-4-underlying-techniques
https://blog.minerva-labs.com/deconstructing-fileless-attacks-into-4-underlying-techniques
Minerva-Labs
Deconstructing Fileless Attacks into 4 Underlying Techniques
Let’s examine 4 specific techniques that comprise fileless attacks and why they often go undetected by existing defenses.
GitHub - 0x27/CiscoRV320Dump: CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data
https://github.com/0x27/CiscoRV320Dump/
https://github.com/0x27/CiscoRV320Dump/
GitHub
GitHub - 0x27/CiscoRV320Dump: CVE-2019-1652 /CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND…
CVE-2019-1652 /CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND Remote Root Exploit! - 0x27/CiscoRV320Dump
Found an intersting bypass:
https://x.x.x.x/WEB-INF/web.xml -> 403 Forbidden
https://x.x.x.x/./WEB-INF/web.xml -> 403 Forbidden
https://x.x.x.x/.//WEB-INF/web.xml -> 200 OK
Tomcat 8 on Windows...
https://x.x.x.x/WEB-INF/web.xml -> 403 Forbidden
https://x.x.x.x/./WEB-INF/web.xml -> 403 Forbidden
https://x.x.x.x/.//WEB-INF/web.xml -> 200 OK
Tomcat 8 on Windows...
Microsoft Powerpoint as Malware Dropper
https://marcoramilli.blogspot.com/2018/11/microsoft-powerpoint-as-malware-dropper.html
https://marcoramilli.blogspot.com/2018/11/microsoft-powerpoint-as-malware-dropper.html
UAC Bypass using SystemPropertiesAdvanced.exe and DLL Hijacking (Server 2019)
https://egre55.github.io/system-properties-uac-bypass/
https://egre55.github.io/system-properties-uac-bypass/
egre55.github.io
SystemPropertiesAdvanced.exe DLL Hijacking UAC Bypass
A short write up about a PDF callback request, which can also be used steal NTMLv2 hashes
https://insert-script.blogspot.com/2019/01/adobe-reader-pdf-callback-via-xslt.html
https://insert-script.blogspot.com/2019/01/adobe-reader-pdf-callback-via-xslt.html
Blogspot
Adobe Reader - PDF callback via XSLT stylesheet in XFA
I have seen on twitter that there is use for another PDF callback Proof-of-Concept in Adobe Reader. Last year a PDF file called " BadPDF "...
Server Tailgating – A Chosen Plaintext Attack on RDP
https://www.blackhat.com/docs/asia-18/asia-18-Karni-Zinar-Blachman-Server-Tailgating-A-Chosen-Plaintext-Attack-on-RDP.pdf
https://www.blackhat.com/docs/asia-18/asia-18-Karni-Zinar-Blachman-Server-Tailgating-A-Chosen-Plaintext-Attack-on-RDP.pdf
How to Hack an Expensive Camera and Not Get Killed by Your Wife
https://alexhude.github.io/2019/01/24/hacking-leica-m240.html
https://alexhude.github.io/2019/01/24/hacking-leica-m240.html
Focusing on different bits
How to Hack an Expensive Camera and Not Get Killed by Your Wife
Disclaimer
Red Team Nightmare (AV Bypass)
https://techryptic.github.io/2018/07/17/Red-Team-Nightmare-(AV-Bypass)/
https://techryptic.github.io/2018/07/17/Red-Team-Nightmare-(AV-Bypass)/
Writeup – Samsung Galaxy Apps Store RCE via MITM
https://www.adyta.pt/2019/01/29/writeup-samsung-app-store-rce-via-mitm/
https://www.adyta.pt/2019/01/29/writeup-samsung-app-store-rce-via-mitm/