Vulnhub Netstart: 1 Walkthrough

by Vince
in Blog
Hits: 695

The description states:  "This is a Linux box, running a WINE Application vulnerable to Buffer Overflow, escalation is pretty simple."

As stated, this is an easy buffer overflow problem assuming you understand the process.  If you want a more detailed walkthrough using a different box, my post on Brainpan, goes into greater detail for each step.

Read more

Deobfuscation with PowerShell Logging

by Vince
in Blog
Hits: 446

There are a number of tools used for obfuscating PowerShell and one of the more famous tools, Invoke Obfuscation, I've written about a few times.  But with PowerShell logging becoming more popular, I wonder why the bother to obfuscate.  As far as I can tell, it no longer helps with evasion and if it's not captured in some form, what's the point? 

To see what I'm talking about, we need to enable logging and script block logging:

Read more

Windows Scheduler Credential Stealer

by Vince
in Blog
Hits: 366

In the one-liner below, we are able to pop a credentials box and attempt to steal credentials.  If we remove the pipe and what follows, we would see the output at the command line.  With the pipe and what follows, we output it into a file.  And since Public is public, we can easily write into that location.

Read more