C# Reverse Shell

by Vince
in Blog
Hits: 679

I've been noodling around with C# and I came up with an idea.  When we compile an executable, we get that generic application icon.  With a simple flag, we can add an icon -- I thought the PDF icon would be interesting for obvious reasons.  Let's start with something simple, we're just going to compile this C# that pops open notepad.

Read more

Abusing ACLs

by Vince
in Blog
Hits: 492

For the sake of keeping it simple -- Access Control Lists provide granular permissions to objects.  Quoting Microsoft:  "Access control for objects in Active Directory Domain Services is based on Windows NT and Windows 2000 access-control models.  Access privileges for resources in Active Directory Domain Services are usually granted through the use of an access control entry (ACE)."

Often times what I find is that a misunderstanding of what permissions do is what gets people into trouble.  Let's look at a standard Active Directory user:

Read more

Abusing DNSAdmins

by Vince
in Blog
Hits: 633

"Members of DNSAdmins group have access to network DNS information. The default permissions are as follows: Allow: Read, Write, Create All Child objects, Delete Child objects, Special Permissions. This group exists only if the DNS server role is or was once installed on a domain controller in the domain."

Read more