Printing Domain Passwords

Most networks have become harder to breach due to increased converged security operations; however there is still a gap that has never moved at the same pace; This issue lies in configuration management which largely is a key downer on most networks. Some of the most common misconfigured devices on any network that usually have[…]

Getting the shadow running

In the recent leak from shadow brokers; here has been great uptake in using the scripts. Some of the things to note though are that the script works on : Python 2.6 (32 bit) pywin32 (32 bit) Solving the problems with this requirement ; I will highlight the  2 most common: Running a different version of[…]

Surviving an SSH Audit

It’s often seen from most scanners a number of issues being raised in regard to SSH security. They are mostly around : Use of weak arcfour ciphers SSH Weak ciphers SSH weak Mac algorithms SSH insecure key exchange etc. as an example we will cover how to harden a weak understanding of the defaults and[…]

John The Troll (CTF – Africahackon) – Key 3

Now from John The Troll (CTF – Africahackon) – Key 2  we have gotten to be Chicken, so the next thing would be getting information about the system. [+] Kernel Linux version 3.13.0-55-generic (buildd@brownie) (gcc version 4.8.2 (Ubuntu 4.8.2-19ubuntu1) ) #94-Ubuntu SMP Thu Jun 18 00:27:10 UTC 2015 [+] fstab entries # /etc/fstab: static file system[…]

John The Troll (CTF – Africahackon) – Key 2

After the previous article we got the first key. Now for the second key we needed to move a notch higher into the system. We had a loot.dic so the best option seeing we only have the web application facing us so far would be bruteforcing it. root@mth3l3m3nt:~# wpscan -u -U hacker123 -w ~/loot.dic[…]

Extra Cleaning With CMD

This article is a basic little fix for the regular windows problems. At times your flash behaves funny but when you  scan the antivirus claims it is clean. This is especially the case with new viruses. Its nice to do a quick check incase you suspect foul play for malware. So basically what we will[…]

Eset Offline Updating

In order to Update ESET offline. You need to gather update files for the current update version from a machine that is up to date and whose update cache has not been cleared as we will get it from the cache then transfer. This has been tested upto ESET4 Business Edition and may vary slightly[…]

Bypass Windows 7 Activation

There is usually a problem when using one of those keys that windows has black listed you get a screen as below during updates.  One method is to remove or block installation of the update Windows Genuine Advantage Notifications (KB905474). Another alternative is to download the ready made WGA removers or activators like Hazar’s windows[…]