
Using PoolTags to Fingerprint Hosts

Commonly, malware will fingerprint the host it executes on, in an attempt to discover more about its environment and act accordingly. Part of this process is quite often dedicated to analyzing specific data [...]

August 8, 2018

CVE-2018-13442: SolarWinds NPM SQL Injection

A SQL injection vulnerability has been discovered in SolarWinds’ Network Performance Monitor (NPM). This vulnerability has been designated CVE-2018-13442. SolarWinds NPM is one of the most widely used network monitoring tools available in [...]

August 2, 2018

Python Server for PoshC2

We are delighted to announce the release of our PoshC2 Python Server, allowing cross-platform support. Over the past six months we have been working on a Python server for PoshC2, which allows it [...]

July 26, 2018

COM and the PowerThIEf

Recently, Component Object Model (COM) has come back in a big way, particularly with regard to its use for persistence and lateral movement. In this blog we will run through how it [...]

July 10, 2018

CVE-2018-10956: Unauthenticated Privileged Directory Traversal in IPConfigure Orchid Core VMS

Affected Software: IPConfigure Orchid Core VMS (All versions < 2.0.6, tested on Linux and Windows)
Vulnerability: Unauthenticated Privileged Directory Traversal
CVE: CVE-2018-10956
Impact: Arbitrary File Read Access
Metasploit module: https://github.com/nettitude/metasploit-modules/blob/master/orchid_core_vms_directory_traversal.rb
Summary of Vulnerability
IPConfigure Orchid Core VMS [...]

June 14, 2018