WordPress Smuggler

by Vince

When attacking WordPress, I will typically upload my WordPress Reverse Shell Plugin once I take control of the admin interface. Upon getting a shell on the system, I will then move my tools over, which got me thinking -- can I incorporate my tools into the plugin and do it all at once? The answer is YES!

If I'm attacking Linux, I want LinPEAS and possibly some other privilege escalation scripts. I probably want an ELF binary meterpreter reverse shell. Beyond that, who knows, but that's a good starting point for this post.

DFARS Compliance

by Vince

The Defense Federal Acquisition Regulation Supplement (DFARS) is a set of cybersecurity regulations that the Department of Defense (DoD) now imposes on external contractors and suppliers.

This is my interpretation, but basically the government is tired of getting hacked through their supply chain and they've come up with a laundry list of security requirements to help reduce such attacks.

Account Lockout Examiner

by Vince

I kept seeing this error in the SIEM and it was bugging me because I couldn't identify the source. At first glance, I thought it was an attacker because that's just how my mind works, but given that this bad password was hitting the logs every 30 minutes, I was thinking that it was the slowest brute force attack... ever. And it was literally every 30 minutes. A quick Google search uncovered this free tool, which made it super easy to get to the source.
