Ricardo J. Ruiz Fernández

A program to control systems remotely by uploading videos to Youtube using Python to create the videos and the listener, similar to some malware I was reading about. It allows to create videos with frames formed of simple text, QR codes with cleartext or QR codes using AES encryption.

A scenario where we have to upload files to a server whose MSSQL credentials we know (so we have remote code execution) but the server is in other network. For that, we will transfer the base64-encoded file line by line.

AlphaWeb XE, the embedded web server running on AlphaCom XE, has a vulnerability which allows to upload PHP files leading to RCE once the authentication is successful.

In this post I will explain a simplified scenario in which we could abuse the SSPR functionality of Azure to update the password of an expired “Domain Admin” user account in the Windows AD.

Dumping the Lsass process to get the passwords stored in memory in a Windows machine is one of the most common uses of Mimikatz. However, there are stealthier methods to do this, such as using custom code. Doing so, we can customize the dump file name, using the hostname and date as name and harmless extensions such as “.txt” instead of “.dmp”.

Dumping the Lsass process to get the passwords stored in memory in a Windows machine is one of the most common uses of Mimikatz. However, there are stealthier methods to do this, such as using custom code. Doing so, we can customize the dump file name, using the hostname and date as name and harmless extensions such as “.txt” instead of “.dmp”.

After some minutes of inactivity, Microsoft automatically changes our state from “Available” to “Away”. There are some methods to avoid this, but in this case I will show how I do it by using the scripting language AHK

This vulnerability takes advantage of ServiceDesk Plus having different output in the password recovery functionality: if the user exists it returns a message claiming an email has been sent but if it does not exist the message is constant.