From APK to Golden Ticket

Posted on Posted in Tutorial's

Owning an Android smartphone and gaining Domain Admin rights and more… Andrea Pierini <decoder.ap@gmail.com>, Giuseppe Trotta <giutrotta@gmail.com> February 24, 2017 This article describes the potential dangers of using personal smartphones in corporate networks and as a result has been modeled after real events. It has been demonstrated that it is not so difficult for ill­intentioned to deceive an employee installing a malicious app on […]

HOW TO EXPLOIT ETERNALROMANCE/SYNERGY TO GET A METERPRETER SESSION ON WINDOWS SERVER 2016

Posted on Posted in Hacker News, Tutorial's

When Microsoft released patches for the MS17-010 vulnerability, it was exposed that the problem is affecting from Windows 7 (Punctually, was Vista, but well, that doesn’t count :P) until Windows Server 2016. However, the “ETERNALS” exploits published by TheShadowBrokers are very unstable trying to impact into systems like Windows Server 2012 and ahead, causing 99% […]