My Never-ending Quest to Break Gscript

What in the Wild World of Extreme Sports is Gscript? Gscript is a tool that bundles multiple malware payloads into one self-contained binary. Manually pushing malware payloads to a system is time consuming and error prone. The longer an attacker is inside a system executing commands, the more likely they are to be detected. …


Building a Hardened Shell For Attack/Defend CTF Supremacy

Why do this? In the Pros versus Joes CTF, which I have played on multiple occasions, a common tactic employed by the red team is to add malicious entries to bashrc, profile, and similar files. This is a common and documented persistence technique: https://attack.mitre.org/techniques/T1156/ Bash and other shells can be used to create sockets if they are configured/compiled to …


packet_write_wait: Connection to X.X.X.X port 22: Broken pipe

I was trying to SSH into a machine from my Kali Linux VM shortly after updating packages and encountered this error immediately after authenticating: packet_write_wait: Connection to X.X.X.X port 22: Broken pipe I was using VMWare Workstation. SSH on my host was working as expected. Another VM in VirtualBox was working just fine, too. Another …


SLAE #7: Shellcode Crypter for Linux/x86

Introduction This blog series was created to complete the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 To get the code provided in this exercise: % git clone https://github.com/droberson/SLAE.git The code is in the Assignment-7 directory. RC4 I decided to use the RC4 algorithm due to the fact that …
