Posted on 17th January 2018
In part 1, we looked at dynamically extracting table data from a compromised SSRS server. We covered:
Posted on 8th January 2018
SQL Server Reporting Services (SSRS) is a reporting engine designed to allow creation, publication and management of reports built on data stored in a MSSQL database. SSRS allows ogranisations to create paginated reports from numerous different data sets which can be displayed either in tables or visualised using graphical elements.
Posted on 14th December 2017
Theorizing that one could dredge up old vulnerabilities and blog about them, Sam Thomas stepped into the Quantum Leet accelerator - and vanished. ... And so Sam finds himself leaping from vuln to vuln, striving to put right what once went wrong and hoping each time that his next sploit... will pop a root shell.
Posted on 8th December 2017
I gave a talk at the local Glasgow Defcon in December 2017. The slides are available here:
Posted on 28th November 2017
RDPUpload is a tool which implements an old technique for uploading files in python. There is nothing new in its concept but the implementation is. You can get it here:
Posted on 2nd November 2017
As a continuation of our previous post, we wanted to discuss another technique that can help during an red team engagement where the intention is to usually stay under the radar when compromising high value accounts.
Posted on 30th October 2017
Of the many advancements in red teaming over the last 12 months, the development of BloodHound has provided a monumental step forward and is quickly becoming an essential tool in the arsenal of an attacker.
Posted on 23rd October 2017
This month our old friend Dynamic Data Exchange (DDE) within Microsoft’s office suite has been popular topic. Many will be familiar with it if they have played with CSV Injection before. With that, you can use DDE within a formula to get code execution within Excel.
Posted on 18th October 2017
In this tutorial I will provide you with a straightforward process that will get you in a position to make Extenders for Burp Suite. This is targeted at those using Java so that we can leverage the NetBeans GUI designer. By doing this you have a shot at making your GUI beautiful.