Incursus Absconditus
Friday, March 13, 2015
Hijacking SSH to Inject Port Forwards
›
During red team post exploitation I sometimes run into jump boxes leading to test environments, production servers, DMZs, or other organizat...
4 comments:
Tuesday, October 14, 2014
Self-removing PE's with Remote Thread Injection
›
There has been a great deal of sharing of client side techniques of late, so I thought I'd toss out a tip. A means to have a PE executab...
Friday, August 1, 2014
Getting Busy at the Command Line
›
We all can get a little lazy relying on the frameworks that have arisen due to the monetization of offensive skills. In light of this, I wan...
Friday, June 6, 2014
Late Night Privilege Escalation (keepUP)
›
- Exploiting Local Interprocess Command Sockets - How this came to be: A few weekends ago I was working through exercises from the fo...
Saturday, March 8, 2014
Temporal Persistence with bitsadmin and schtasks
›
- Leaving a Key Under the Mat - Why Do This: On a recent engagement, I ran into a well-meaning individual who, after being briefed a...
1 comment:
Home
View web version