December 10, 2019

Recent Posts

Bug Hunting – PHP

I’ve been doing a bit of bug hunting recently (with varying degrees of success) and really wanted to write this article just so I have a little cheat sheet to go back to!  I’ll keep updating it and adding bits as I find more. When I scoured the internet I came across a few “examples” […]

CISSP :: Security and Risk Management – Part 1

The first domain we will discuss in my series of CISSP articles will be Security and Risk Management. I will break this down across several posts, with the intention of keeping them “bite-sized” and easier to take on board. I will use the (ISC)2 defined sub-categories of each domain as headings during my posts. Confidentiality, […]

CISSP :: Certified Information Systems Security Professional – Introduction

I have set myself a task this year to achieve CISSP – Certified Information Systems Security Professional. CISSP is a globally recognised certification that encompasses a broad range of IT Security topics. It’s vendor-neutral and well regarded in the industry. To become a CISSP, you must meet the following: You must have completed a minimum of […]

VMWare :: Clone a VM without vCenter

VMWare ESXi is a great free tool for any home lab, but something that is missing is the ability to clone VMs – a feature reserved for customers with vCenter. Well, there is a relatively straight forward process that will enable you to duplicate your VMs and I will show you how in this post. […]

Firewall Troubleshooting :: CLI Packet Captures

In this post, I will cover the CLI based packet capture functionality for two firewalls; these are FortiGates and Check Points. Each have slightly different commands, but the results are fairly similar. This post will hopefully be of use for environments with multiple firewalls vendors, or where you support multiple customers with differing firewall vendors. What […]

Using PowerSploit to inject MSFVenom shellcode

This article will discuss how we can use the rather brilliant PowerSploit project, coupled with MSFVenom, to inject a staged Meterpreter reverse HTTPS shell into a running process.  This script can then be Base64 encoded and used in a USB HID attack or a macro malware document and I will write the relevant guides for […]

PowerShell :: Base64 to string

Completing the numerous something to Base64 and back again scripts is this little one liner to get a string back from a Base64 encoded string.  This is useful a lot when doing offensive security as it allows you to store a script in Base64 then iex the decoded string.  ieex being an awesome PowerShell command […]

USB HID – Teenyduino keyboard led feedback

After doing a bit of Google-Fu I managed to work out how to read the state of the simulated keyboard LEDs for the Teensyduino.  It turns out you read a single value with the predefined variable keyboard_leds which when converted to binary shows the state of each LED in the least significant bits.  The what?  Let’s […]

USB HID – what to do when cmd and run are disabled

All the articles I can find on the internet for the USB HID attack vector revolve around using one of two initial shell access methods.  These are: Windows key + R — Open a run  prompt Windows key, type “CMD”, press ENTER — Open a command window Anyone who has worked in enterprise IT in the […]

USB HID attack – A zero to hero guide

I’ve had a Teensy USB 3.2 Arduino board for around a year now with the intention of playing with some USB HID attacks and creating this blog has finally motivated me to do it.  Hurrah for the blog.  If you haven’t heard or seen anything about USB HID attacks they are a pretty neat little attack […]
Page 3 of 6«12345 » ...Last »

Subscribe to SYNACK via Email