So then Server 2016 is on its way and we’re currently getting the option to download Server Technical Preview 2.

So after an install the first thing you’ll notice is that there is no GUI, no it’s not broke, this is the route that Microsoft are pursuing with their Server line. It’s not a problem though, a simple few clicks and before you know it you’ll have a Desktop OS… Continue reading

So after using csharp to inject shellcode I wanted to see what other languages were able to directly write to and call memory locations.

As I’ve been working my way through The SecurityTube Python Scripting Expert course I decided it made sense to see if it was possible with python.

A quick google found me a href=”” target=”_blank”>this post by Debasish. FULL credit for this work goes to Debasish, this post is purely… Continue reading

Okay, so the first thing you’re wondering is “Why the hell would you want to do this?

Well the answer becomes more obvious when the scenario is set: You’re on a social engineering job and you’ve managed to gain access to the target building, you walk around for a bit to see if any of the desks look free. After a while you decide to sit down at… Continue reading

Credit for most of the below comes from Mubix who has created a few documents (on google docs) that lists what to actually do once shell access has been gained. You can read more about it here and find the links to the docs, I’m simply blogging about it to make a summary of this for myself.

Meterpreter Post Auth

Information Gathering

12345678910getuid getpid getsprivs sysinfo screenshot run winenum.rb run… Continue reading

So we’ve all played with RID cycling and GetAcct.exe but lately I guess we’ve not been pulling this out of our bag. Protection against this is now normal so we need a new way to enumerate usernames against a given domain. New info on this website is pointing towards a tool called ebrute that will allow enumeration of kerberos without having to take a password guess. On a decent machine… Continue reading