June 6, 2020

Recent Posts

NsClient++ :: using PowerShell scripts

If you are using Nagios in a wintel environment, then you will almost certainly have heard of NsClient++, but if you haven’t its a fantastic Windows agent that listens on port 5666 (for check_nrpe commands from Nagios) and then if the received command is configured in its config file, it will execute it and return the result.  Those […]

PowerShell :: a macro malware sender

Hopefully you have landed here having read Part I and Part II of my How to make your own macro malware series and already have a little context behind this script.  In short, it came from a need to send an email with an attachment to hundreds of recipients whilst alternating the email content and spoofing the […]

How to make your own macro malware – Part II

Hi, Hopefully you have arrived here having read the part one of this guide which walks you through developing a strategy and those all important macro embedded documents.  If not, you can find the article here. So in this article we are going to cover a little bit about crafting a successful email and then […]

How to make your own macro malware – Part I

Hi, So in our intro to macro malware blog we covered how macro malware is on the rise, is almost impossible to prevent and the only way many enterprise environments can harden against it is to educate their users into not opening those malicious emails.  In this blog, and the subsequent parts, I want to walk […]

FortiGate :: Web Filter Troubleshooting

When troubleshooting issues with the web filtering tool on the FortiGate, there are a number of things to consider. This post will hopefully assist you with getting to the cause of the issue if you encounter problems with Web Filtering. Firstly, we must consider the 3 modes of operation with web filtering on the FortiGate; these are: Proxy-Based (SSL […]

PowerShell :: Split a long string

Hi, When I was writing some VBA for a macro malware project, I soon realised that there was a limit on the length of a string declaration in VBA which meant I had to break up a large Base64 string into multiple concatenations.  This PowerShell scripts automates that process and could be easily modified for […]

PowerShell :: Convert text file to Base64

Hi, So this script will read the text from a plain text file and then encode it as Base64. It is useful for Base64 encoding PowerShell scripts if you are looking to pass the script as an encoded command line argument. You will need to set the $inputFilePath and $outputFilePath and then execute. You could […]

PowerShell :: Convert Base64 to a binary file

Hi, The script takes an input text file containing a Base64 string and then writes the decoded file back to disk.  You can also use the $PEBytes variable with the PowerSploit project to run the executable in memory without writing it to disk. This script is designed in tandem with PowerShell :: Convert a binary file […]

PowerShell :: Convert a binary file to Base64

Hi, So occasionally I have need to encode files to Base64 and if those files are not simple text then it needs to be done at a binary level. This simple script in PowerShell does that for you, you simply set the $inputFilePath and $ouputFilePath then execute. It outputs to a file as the output […]

FortiGate :: HA Troubleshooting

FortiGates are capable of a few methods of High Availability.  This post will help you troubleshoot issues with the FortiGate Cluster Protocol (FGCP) in Active/Active or Active/Passive configurations. What is HA? High Availability is a feature that allows you to offer redundancy for your firewall. This is achieved by replicating all network connections on your […]
Page 5 of 6« First...«23456 »

Subscribe to SYNACK via Email