Introducing PoshC2 v4.8 – includes C# dropper, task management and more! – Part One

/0 Comments/in , /by

We recently released version 4.8 of PoshC2, which includes a number of fixes and improvements that help facilitate simulated attacks. This is the first post in a series of posts that will include some of the details around the fixes and updates, alongside a number of other posts which will show some of the other […]

Read more

CVE-2018-8955: Bitdefender GravityZone Arbitrary Code Execution

/0 Comments/in /by

We recently identified a vulnerability in the digitally signed Bitdefender GravityZone installer. The vulnerability allows an attacker to execute malicious code without breaking the original digital signature, and without embedding anything malicious into the installer itself. This means that an appropriately positioned attacker can cause the signed installer to run an arbitrary remotely hosted executable. […]

Read more

DerbyCon 2018 CTF Write Up

/0 Comments/in /by

We have just returned from the always amazing DerbyCon 2018 conference. We competed in the 48 hour Capture the Flag competition under our usual team name of “Spicy Weasel” and are pleased to announce that, for the second year in a row, we finished in first place out of 175 teams and netted another black […]

Read more

CVE-2018-5240: Symantec Management Agent (Altiris) Privilege Escalation

/0 Comments/in /by

During a recent red team exercise, we discovered a vulnerability within the latest versions of the Symantec Management Agent (Altiris), that allowed us to escalate our privileges. Overview When the Altiris agent performs an inventory scan, e.g. software inventory scan, the SYSTEM level service re-applies the permissions on both the NSI and Outbox folders after […]

Read more

CVE-2018-12897: Solarwinds Dameware Mini Remote Control Local SEH Buffer Overflow

/0 Comments/in /by

Dameware Mini Remote Control (MRC) is a remote administration utility allowing remote access to end user devices for a variety of purposes. You can often find it among the plethora of toolkits used by system administrators managing the IT infrastructure in organisations. Having recently completed my OSCE and looking to use some of the skills […]

Read more

Introducing Scrounger – iOS and Android mobile application penetration testing framework

/0 Comments/in /by

Scrounger is a modular tool designed to perform the routine tasks required during a mobile application security assessment.  Scrounger conveniently brings together both major mobile operating systems – Android and iOS – into a single tool, in a way that is easy use, well documented, and easily extensible. Where it differs Scrounger consists on a […]

Read more