So after watching a talk at Defcon 23 about the Tracking Point rifle scope (When IoT Attacks: Hacking A Linux-Powered Rifle) I got interested and wanted to know what was in budget for some rifle hacking myself. What was identified in this talk was that it was possible to remotely change the point of impact of the bullet by adjusting the ballistic coefficient of the round within the… Continue reading

So I had the 32-bit binary version of NFSShell but I needed the 64-bit version.

Compiling this was simple once I had the required dependencies.

    root@kali:~/Downloads/nfsshell-master# apt-get install libreadline-dev libncurses5-dev
    root@kali:~/Downloads/nfsshell-master# make
    gcc -g -o nfsshell mount_clnt.o mount_xdr.o nfs_prot_clnt.o nfs_prot_xdr.o nfsshell.o -L/usr/local/lib -lreadline -lhistory -lncurses
    root@kali:~/Downloads/nfsshell-master# ./nfsshell
    nfs> quit

And for those that just want the binaries, you can download them from here: nfsshell 32 bit, nfsshell 64 bit

So those of you on Mac OS X who also use the Handoff feature will possibly have experienced a bug when trying to answer calls on the Mac when you have multiple interfaces configured.

I connect to my home network using the MacBook’s onboard AirPort card and also use a Thunderbolt Ethernet adapter when sat at my desk. The problem lies when I get back to my desk I… Continue reading

So I travel around and this year I was at BSidesLV and Defcon23 which are dodgy places to use wifi.

I always connect to my VPN endpoint so that all my traffic leaves my devices over a secure tunnel. However, the biggest flaw with the inbuilt Apple VPN client is that it won’t auto reestablish the VPN session if it dies or you wake the laptop from sleep. The wifi… Continue reading

So then Server 2016 is on its way and we’re currently getting the option to download Server Technical Preview 2.

So after an install the first thing you’ll notice is that there is no GUI. No, it’s not broken; this is the route that Microsoft is pursuing with its Server line. It’s not a problem though: a few simple clicks and before you know it you’ll have a Desktop OS… Continue reading

So I was on a locked down Linux system this week with the inability to import any tools and I had to prove that strings could be identified in memory of certain processes.

Fortunately CentOS was installed which had gdb along with it so I took to writing a script to automate this work for me. (I had to test the processes in a number of different scenarios)

Basically the… Continue reading

So I decided to write a simple Python port scanner, but I wanted it to support TCP, UDP, port ranges (22,23,135-139,443,445,3389 etc) and IP ranges (, 192.168.10-20,

I also wanted to limit the libraries I used so that it works on locked-down systems; thus, we only use socket, sys and argparse.

The first thing to do was get the code working for a single host and then slowly add bits… Continue reading

So it grinds my gears that every time I do a pentest I end up reporting the same sh!t every time. You’d think before I turn up you’d at least patch your kit, but nope!

Here’s a little Top 5 for sysadmins, project managers and security controllers to consider doing before I break their kit. And this relates specifically to infrastructure kit, if it’s a web application that I’m testing… Continue reading

So it grinds my gears that every time I do a pentest I end up reporting the same sh!t every time. You’d think before I turn up you’d at least patch your kit, but nope!

Here’s a little Top 5 for web developers to consider doing before I break their kit. If you also want to look after the kit your application is hosted on, I suggest you read this… Continue reading

So we have found the base64 string “SGVsbG9Xb3JsZCE=” on a locked-down workstation and we want to decode it. Quite often we don’t have access to tools, so here’s a list of ways to decode the string using various languages.


Python:

    >>> import base64
    >>> base64.b64decode("SGVsbG9Xb3JsZCE=")


PowerShell:

    PS > [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String("SGVsbG9Xb3JsZCE="))
    HelloWorld!


Perl:

    use MIME::Base64;
    print decode_base64("SGVsbG9Xb3JsZCE=");


Bash:

    echo SGVsbG9Xb3JsZCE= | base64 --decode


PHP:

    echo base64_decode("SGVsbG9Xb3JsZCE=");


C#:

    byte[] data = Convert.FromBase64String("SGVsbG9Xb3JsZCE=");
    … Continue reading