Jeg gleder meg virkelig til å holde høstkurs for Hackcon fra 18. til 21. september. Dersom du skal på høstkurset så kan du lese denne blogposten så skal jeg gi deg litt oversikt over hva kurset skal inneholde og hva du kan glede deg til. Dette er første gang (som jeg vet om) noen kjører […]
TL;DR You can run a remote shell through ICMP. ICMP can be used for bad. Many customers have asked me this question many times, and in general ICMP (ICMP is a lot more than just ping, but is often referred to as ping for simplicity) is a nice thing to use to verify if […]
Just wanted to do a quick follow-up on this bypass. Seems that BGInfo 4.22 still can be used to bypass AppLocker using the techniques I showed in my previous post. Meaning that if you use AppLocker as whitelisting solution I guess you must deny BGInfo.exe in order to prevent this bypass. Screenshots from an AppLocker […]
TL;DR BGinfo.exe older than version 4.22 can be used to bypass application whitelisting using vbscript inside a bgi file. This can run directly from a webdav server. UPDATE: 22.05.2017 AppLocker is still vulnerable with Bginfo 4.22. A blogpost about that here: https://msitpros.com/?p=3860 UPDATE: 19.06.2017 Microsoft has thanked me in their documentation for this finding. The […]
I must say that NIC 2017 was an awesome event and I meet a lot of great people. Thanks to all the people working for NIC that made this such a great event. During my presentation, I did not get enough time to show all the things I wanted to (damn you demo gods), and […]
I received a lot of positive feedback on my previous post on accessing the clipboard from the lock screen using the wireless password field. https://msitpros.com/?p=3746 Just out of curiosity I tried other combinations on doing the same thing, and I found out another cool trick to do the same using the Narrator feature in Windows. […]
This is probably something that many already knows and there are probably other and better blogposts about this, but I thought that it is important to refresh old knowledge. In Skype it is possible to send links in an IM chat and that’s great. A problem with that is that it can be used for […]
If there is one session about security I really think you should watch, it is definitely Rob Joyce’s talk at USENIX. Rob Joyce leads the NSAs Tailed Access Operations. They are often referred to as Nation-State hackers. His session is about tips on how to prevent or make it more difficult for Nation-State Hackers to get […]
This might come as a shocker to you (irony), but cyber-criminals use e-mail to attack your users. I feel that client security is something that is often overlooked and IT-pros tend to focus on securing the servers rather than focusing on what is possible to do from the clients within the company network. If you […]
Let’s say you love Armitage ( I do ) and you are doing a pentest assignment and you can only work remotely against a Kali 2.0 vm hosted in a datacenter or something. Armitage is a GUI tool and you really need to have a desktop to use it. Or at least that was what […]