Posts

RealWorld

Phishing

  Give a man a zero day, and he will have access for a day, teach him to phish and he’ll have access for life. Phishing, in particular a well-crafted spear phishing campaign, is one of the scarier attacks that someone could take aim at your company with. When tech companies like Facebook and …

Incident Response

Cleaning Up Malware (Part 2: Manual Cleans)

  So you have read Part 1 (Link) and you decided that you want to try manually cleaning up a machine. The one undisputed FACT we have at this moment is that the malware isn’t too particularly nasty - else you wouldn’t have a month’s salary potentially about to hit the chopping block! In other words - …

Incident Response

Cleaning Up Malware (Part 1: The bigger picture)

  I think every techie has their own ideas on how to clean up a malware outbreak. And every malware outbreak is different. There is no one size fits all answer. But this is roughly how I approach the situation in my day job. Confirm Malware – Users aren’t always right. If a single …

VulnHub

DerpNStink

https://www.vulnhub.com/entry/derpnstink-1,221/ Mr. Derp and Uncle Stinky are two system administrators who are starting their own company, DerpNStink. Instead of hiring qualified professionals to build up their IT landscape, they decided to hack together their own system which is almost ready to go live… Time Management: One of the bigger issues in …

VulnHub

Lazy SysAdmin

https://www.vulnhub.com/entry/lazysysadmin-1,205/ Boot2root created out of frustration from failing my first OSCP exam attempt. LazySysadmin – The story of a lonely and lazy sysadmin who cries himself to sleep! From reading the above blurb I’m fully expecting that this challenge is going to violate the few golden rules we have on weak credential …

WindowsAuthentication

Attacking Local Accounts (Server Edition)

I was making a recommendation some time back that we could check user AD passwords against lists of known common passwords. This recommendation soon turned into a debate amongst my colleagues about how possible this would even be. Of course, not one to shy away from a challenge, I set out to prove all the …