Fierce
Fierce is a DNS brute-force scanner which comes bundled with the Kali Linux distro. Since we’re not using Kali let’s get and configure fierce from the github project’s page: https://github.com/davidpepper/fierce-domain-scanner First, let’s create a ‘Recon’ folder where we will put our tools. Now that we’ve created our recon folder, let’s…
Author: admin
Recon Part 1 – Building a Machine
This series is about setting up a recon machine in the cloud, using some basic tools, and diving into the recon process! As I move my career into the security space I want to document my process. Part of this involves testing various utilities and trying my hand at…
ImageMagick Proof Of Concept – Remote Shell
ImageMagick is a server-side image processing engine which is very widely used. Some functions include compressing/resizing submitted images (profile pictures, for instance) to standardize files in the server’s database. Some of the popular image processing plugins in PHP, Ruby’s RMagick, and others use ImageMagick’s platform. Before going further, here’s a…
Google CTF 2016 – Ernst Echidna
My first CTF challenge was Ernst Echidna which is a simple web page (here) which had a register page. After inspecting the requests when interacting on the site and by checking the robots.txt file, we were able to determine that there is a /admin page which you attempt to arrive at but are…
Google CTF 2016 – Spotted Quoll Writeup
First write-up from: Google CTF 2016 Competition link can be found here: https://spotted-quoll.ctfcompetition.com/ After turning on dev tools in Chrome I began to look around the simple site. The major thing which stuck out was that by clicking on the ‘Admin’ link I would land on the following page: https://spotted-quoll.ctfcompetition.com/#err=user_not_found …
Don’t DROWN! – Avoiding the TLS/SSL vulnerability
What is it? DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) is a recently discovered (March 2016) vulnerability in SSL/TLS which can allow attackers to break the security SSL and TLS are supposed to provide and acquire the newly decrypted data. The flaw exploits servers which still support encryption services…
PS-Tip #2 – Windows Remote System Uptime
In this post I’ll cover a Python and PowerShell script I wrote for a tool which had a function of obtaining the uptime of a remote machine. I’ll start by posting the script, in full, here: import os import subprocess def ps_remote_system_uptime(): remote_target = raw_input(“Which system do you want the…
PS-Tip #1 – Remote DNS Cache Clearing
PS-Tips are a series of shorter posts which introduce and explain short PowerShell snippets that may help to automate some tasks. There are requirements to run remote PowerShell commands and I’ll cover the details of setting the prerequisites in a later post. The process for getting set up isn’t too difficult so…
Exchange 2013 – Archive Mailboxes!
This is going to be a short post about Exchange 2013 and Archive Mailboxes. Most organizations are faced with a plethora of mail storage issues – size limits, retention policies, PSTs management, and storing old mailbox data – which can be a challenge to navigate. Exchange 2010 introduced Archive Mailboxes…