My Never-ending Quest to Break Gscript

What in the Wild World of Extreme Sports is Gscript? Gscript is a tool that bundles multiple malware payloads into one self-contained binary. Manually pushing malware payloads to a system is time-consuming and error-prone. The longer an attacker is inside a system executing commands, the more likely they are to be detected. …


Building a Hardened Shell For Attack/Defend CTF Supremacy

Why do this? In the Pros versus Joes CTF, which I have played on multiple occasions, a common tactic employed by the red team is to add malicious entries to bashrc, profile, and such. This is a common and documented persistence technique: https://attack.mitre.org/techniques/T1156/. Bash and other shells can be used to create sockets if they are configured/compiled to …
