TryHackMe Fusion Corp

by Vince
in Blog
Hits: 92

The description states:  "You had an engagement a while ago for Fusion Corp. They contacted you saying they've patched everything reported and you can start retesting."

Lately, my focus has been on Active Directory and when I came across this challenge, I found a privilege that I hadn't seen previously.  I don't want to get ahead of myself, so let's dig in:

Read more

PowerShell ConstrainedLanguage Mode ByPass

by Vince
in Blog
Hits: 130

What is Language Mode and what is ConstrainedLanguage Mode?  "The language mode determines the language elements that are permitted in the session.  The ConstrainedLanguage mode permits all cmdlets and all PowerShell language elements, but it limits permitted types."  So what does that really mean?  It means that in the context of compromising a system, we will be presented with an obstacle that we will need to overcome in order to execute PowerShell.  Below is FullLanguage Mode:

Read more

Abusing SeImpersonatePrivilege

by Vince
in Blog
Hits: 130

SeImpersonatePrivilege is one of those rights that I've yet to see used in the real world. 

Per the screenshot below:  'When you assign the "Impersonate a client after authentication" user right to a user, you permit programs that run on behalf of that user to impersonate a client.'  

Read more