COMPROMISING A WORDPRESS SITE AND PIVOTING TO THE INTERNAL NETWORK

PIVOTING TO THE INTERNAL NETWORK

A few months ago I ran into WordPress on a penetration test. It was a generic web application security assessment, but in this case I was able to compromise the server and, most notably, to pivot through the internal network. I thought I’d take the compromise walk-through and turn…

Using APT tactics and techniques in your pentests

APT tactics

I have a student that has been asking me about internal network penetration testing. As a result, I figured I’d write a blog post about APT tactics. I was trying to explain to him that there is so much more to it than just…

UAC Bypass – SDCLT

Penetration Testing Lab

SDCLT is a Microsoft binary that is used in Windows systems (Windows 7 and above) to allow the user to perform backup and restore operations. However, it is one of the Microsoft binaries that has been configured with the autoElevate setting set to “true”. This can be verified by using the Sigcheck tool from Sysinternals and exploring its manifest file:

[Figure: sdclt – autoelevate is set to true]

Matt Nelson discovered two methods that can allow a user to bypass UAC through this binary in Windows 10 environments. Both methods require constructing a specific registry structure; however, they differ from each other, since one method can take command parameters while the other takes the full path of a binary that will be executed.

App Paths

The backup and restore operation is part of the control panel. This means that when the sdclt.exe process starts the control panel is starting as well…


QR Code Attack Vector :: Spoofing, Poisoning and Phishing applications with QR Codes

A QR code is a structured code in an image that can be read by specific readers that reveal its content or perform redirect functions for pages and so on. This tool, which was created especially for parts catalog and inventory management, is now used in various posters, business cards, banners, manuals, flyers, etc., and…

Creating E-mail Bomber in 15 Minutes with Python

In this article I will demonstrate the operation of a spammer technique, used for continuous sending of e-mail messages to third parties, in order to fill inboxes, make specific providers blacklist, and which can even be used by trolls to fool friends, celebrities, companies and co-workers, and coding a simple example of a tool…

Using free hosting for Spoofing and forging Emails for Spamming

Email Spoofing, as its name suggests, is a method used by malicious attackers to falsify the sender of an e-mail message through a DNS zone or SMTP authentication failure. There are many vectors that can be applied to the use of Email Spoofing. A malicious person can use this device to send billing messages…

Fingerprinting and Getting Information from DNS, IP’s and Websites with Maltego

1 :: Download the corresponding file for your distribution from the Maltego website
Link: https://www.paterva.com/web6/products/download.php

Debian Distros:
# dpkg -i MaltegoChlorineCE.3.6.0.6640.deb

Fedora, CentOS/RHEL:
# rpm -i MaltegoChlorineCE.3.6.0.6640.rpm

Slackware Distros - Download the RPM
# rpm2tgz MaltegoChlorineCE.3.6.0.6640.rpm
# installpkg MaltegoChlorineCE.3.6.0.6640.tgz

2 :: Register on the Maltego website. You will always need to enter your email…