Learn how to use dpkg, rpm, and other related tools to find malware on your systems.
Exit Values on Windows
Hi cyberpals. Today I was messing around with some Windows utilities and realized that I didn't fully understand how to handle exit values. On *nix systems, you can do something like this: daniel@disstrack ~ % cat exit.c #include <stdlib.h> int main(int argc, char *argv[]) { if (argc > 1) return atoi(argv[1]); return 0; } daniel@disstrack …
My Never-ending Quest to Break Gscript
What in the Wild World of Extreme Sports is Gscript? Gscript is a tool that bundles multiple malware payloads into 1 self-contained binary. Manually pushing malware payloads to a system is time consuming and error prone. The longer an attacker is inside of a system executing commands, the more likely they are to be detected. …
Building a Hardened Shell For Attack/Defend CTF Supremacy
Why do this? After playing the Pros versus Joes CTF on multiple occasions, a common tactic employed by the red team is to add malicious entries to bashrc, profile, and such. This is a common and documented persistence technique: https://attack.mitre.org/techniques/T1156/ Bash and other shells can be used to create sockets if they are configured/compiled to …
Continue reading Building a Hardened Shell For Attack/Defend CTF Supremacy
Nmap + HASSH = <3
HASSH is a technique developed up by some clever engineers at Salesforce to fingerprint SSH implementations. If you want to know technical specifics of how this works, the GitHub repo and their blog post about it do a very good job of explaining the concept. Summing it up briefly, a HASSH is an MD5 hash …
Changing apt’s User-Agent string
Quick howto on changing apt/apt-get's User-Agent string.
Review of SANS Webcast – Gearing up for 2019 – Best Practices to Consider
My review of the SANS webcast Gearing up for 2019 - Best Practices to Consider
Keeping Nmap Scan History
Logging nmap scans using bash/zsh functions.
packet_write_wait: Connection to X.X.X.X port 22: Broken pipe
I was trying to SSH into a machine from my Kali Linux VM shortly after updating packages and encountered this error immediately after authenticating: packet_write_wait: Connection to X.X.X.X port 22: Broken pipe I was using VMWare Workstation. SSH on my host was working as expected. Another VM in VirtualBox was working just fine, too. Another …
Continue reading packet_write_wait: Connection to X.X.X.X port 22: Broken pipe
Protected: Job Interview Blunders
There is no excerpt because this is a protected post.
Bypassing IPv4 Security Measures Using IPv6
Introduction It is July 1st, 2018. Many systems and network administrators have a solid understanding of IPv4 networking and its underlying protocols, but little or no experience using IPv6. This is crazy to me, but we live in interesting times. IPv6 has been around for quite some time, but it still hasn’t been fully adopted. …
Continue reading Bypassing IPv4 Security Measures Using IPv6
SLAE #7: Shellcode Crypter for Linux/x86
Introduction This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 To get the code provided in this exercise: % git clone https://github.com/droberson/SLAE.git The code will be within the Assignment-7 directory. RC4 I decided to use the RC4 algorithm due to the fact that …
