Tips, Tricks and Tools for Cyber Security Enthusiasts

Operational Security with PoshC2 Framework

Thursday 23 May 2019/0 Comments/in Blog /by Doug McLeod

This post describes a new capability that has been deployed within PoshC2, which is designed to assist with revealing a wider set of target environment variables at the dropper stage, as part of operational security controls. Imagine the following scenario. You’ve deployed IP address white-listing on a proxy in order to limit implant installation to […]

Read more →

CVE-2017-18019: Privilege Escalation via a Kernel Pointer Dereference

Wednesday 17 April 2019/0 Comments/in Blog /by Kyriakos Economou

A little while ago, I discovered a vulnerability, CVE-2017-18019, affecting a kernel driver of multiple K7 Computing security products, as well as the products of Defenx, both for Windows. Both were affected because they were using the same anti virus engine, and both are now patched. The proof of concept was based on an invalid […]

Read more →

Introducing PoshC2 v4.8 – includes C# dropper, task management and more! – Part One

Monday 1 April 2019/0 Comments/in Blog, PoshC2 /by Rob Bone

We recently released version 4.8 of PoshC2, which includes a number of fixes and improvements that help facilitate simulated attacks. This is the first post in a series of posts that will include some of the details around the fixes and updates, alongside a number of other posts which will show some of the other […]

Read more →

CVE-2018-8955: Bitdefender GravityZone Arbitrary Code Execution

Tuesday 16 October 2018/0 Comments/in Blog /by Kyriakos Economou

We recently identified a vulnerability in the digitally signed Bitdefender GravityZone installer. The vulnerability allows an attacker to execute malicious code without breaking the original digital signature, and without embedding anything malicious into the installer itself. This means that an appropriately positioned attacker can cause the signed installer to run an arbitrary remotely hosted executable. […]

Read more →

DerbyCon 2018 CTF Write Up

Thursday 11 October 2018/0 Comments/in Blog /by Spicy Weasel

We have just returned from the always amazing DerbyCon 2018 conference. We competed in the 48 hour Capture the Flag competition under our usual team name of “Spicy Weasel” and are pleased to announce that, for the second year in a row, we finished in first place out of 175 teams and netted another black […]

Read more →

CVE-2018-5240: Symantec Management Agent (Altiris) Privilege Escalation

Wednesday 12 September 2018/0 Comments/in Blog /by Ben Turner

During a recent red team exercise, we discovered a vulnerability within the latest versions of the Symantec Management Agent (Altiris), that allowed us to escalate our privileges. Overview When the Altiris agent performs an inventory scan, e.g. software inventory scan, the SYSTEM level service re-applies the permissions on both the NSI and Outbox folders after […]

Read more →

Operational Security with PoshC2 Framework

CVE-2017-18019: Privilege Escalation via a Kernel Pointer Dereference

Introducing PoshC2 v4.8 – includes C# dropper, task management and more! – Part One

CVE-2018-8955: Bitdefender GravityZone Arbitrary Code Execution

DerbyCon 2018 CTF Write Up

CVE-2018-5240: Symantec Management Agent (Altiris) Privilege Escalation

EMEA

Americas

General Enquires

Social Media

Welcome to Nettitude Labs

EMEA

Americas

General Enquires

Social Media