Exploiting MacOS

by Vince
in Blog
Hits: 1098

I have a friend that is a huge Mac nerd and about a year ago, he was talking about Mac OS being secure.  Full disclosure, I have a MacBook Pro and a Mac Mini -- I like the platform.  But I took his comments as a challenge, jumped on Ebay, and I bought a Mac Mini for exploitation. 

Under the hood, a Mac is a Linux operating system and like most Linux flavors, there are variations between them.  Let's be honest, at some point, a Mac Remote Code Execution (RCE) vulnerability will materialize and having Tactics, Techniques, and Procedures, for the Mac platform will not hurt me.  And that's basically what this is all about.

Read more

Cracking Hashes with Colabcat

by Vince
in Blog
Hits: 931

Necessity is the mother of invention Googling.  I had an issue with Hashcat.  Technically, according to Hashcat, I had an issue with my graphics card.  Whatever the issue, I was unable to crack a Kerberos hash and while I was hunting for a solution, I discovered Colabcat.  According to the description:  "Run Hashcat on Google Colab with session restore capabilities with Google Drive."

Read more

WordPress Smuggler

by Vince
in Blog
Hits: 1059

When attacking WordPress, I will typically upload my WordPress Reverse Shell Plugin once I take control of the admin interface.  Upon getting a shell on the system, I will then move my tools over which got me to thinking -- can I incorporate my tools into the plugin and do it all at once? The answer is YES! 

If I'm attacking Linux, I want LinePeas and possibly some other privilege escalation scripts.  I probably want an ELF binary meterpreter reverse shell.  Beyond that, who knows but that's a good starting point for this post.

Read more