Security News:

 

2019/06/11:

Two critical vulnerabilities in Microsoft’s NTLM authentication protocol consisting of three logical flaws make it possible for attackers to run remote code and authenticate on machines running any Windows version.

https://www.bleepingcomputer.com/news/security/microsoft-ntlm-flaws-expose-all-windows-machines-to-rce-attacks/

 

2019/03/11:

Operating Systems can be detected using Ping Command, Ping is a computer network administration software utility, which used to find the Availability of a host on an Internet Protocol (IP) network.

https://gbhackers.com/operating-systems-can-be-detected-using-ping-command/

 

2019/02/22:

Corporate firewalls can block reverse and bind TCP connections.However, corporate firewalls are behind internal networks.So we can use PING ICMP Shell:

https://gbhackers.com/icmp-shell-secret/

 

2019/02/03:

Exploiting Malwarebytes antimalware!

https://acru3l.github.io/2019/02/02/exploiting-mb-anti-exploit/

 

2019/01/24: redteam

Koadic, or COM Command & Control, is a Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire. The major difference is that Koadic does most of its operations using Windows Script Host (a.k.a. JScript/VBScript):

https://github.com/zerosum0x0/koadic

 

 

 

Advertisements