HOW TO EXPLOIT ETERNALROMANCE/SYNERGY TO GET A METERPRETER SESSION ON WINDOWS SERVER 2016

Posted on Posted in Hacker News, Tutorial's

When Microsoft released patches for the MS17-010 vulnerability, it was exposed that the problem is affecting from Windows 7 (Punctually, was Vista, but well, that doesn’t count :P) until Windows Server 2016. However, the “ETERNALS” exploits published by TheShadowBrokers are very unstable trying to impact into systems like Windows Server 2012 and ahead, causing 99% […]

Hidden Network: Detecting Hidden Networks created with USB Devices

Posted on Posted in Hacker News

Many companies and government agencies today have communications isolated networks or with data flow restricted through different networks. These computers networks are created for particular situations, as these can be very special or have critical information such as, factory control system, highly-secured environments for processing of certain data, or networks complying with a safety standard. […]

Command Injection/Shell Injection

Posted on Posted in Hacker News, Tutorial's

Challenge: Malicious Arbitrary command execution using system shell as an argument passed via the web application. Obtaining shell level access features and backdooring he system via the application for maintaining access. Target: Locally hosted web application over Apache Web Server. Topic: Create Web Application and Inject commands as an argument via the application. Hack: The […]