Many a times we get caught in the trap of a server is shelled but there is nothing to go on with ; Today we will look at one such possibility that is faced. You have a webshell on a server however you want to use old fashioned netcat or socat to connect to it […]
In the recent leak from shadow brokers; here has been great uptake in using the scripts. Some of the things to note though are that the script works on : Python 2.6 (32 bit) pywin32 (32 bit) Solving the problems with this requirement ; I will highlight the 2 most common: Running a different version of […]
Surviving an SSH Audit
It’s often seen from most scanners a number of issues being raised in regard to SSH security. They are mostly around : Use of weak arcfour ciphers SSH Weak ciphers SSH weak Mac algorithms SSH insecure key exchange etc. as an example we will cover how to harden a weak understanding of the defaults and […]
Now from John The Troll (CTF – Africahackon) – Key 2 we have gotten to be Chicken, so the next thing would be getting information about the system. [+] Kernel Linux version 3.13.0-55-generic (buildd@brownie) (gcc version 4.8.2 (Ubuntu 4.8.2-19ubuntu1) ) #94-Ubuntu SMP Thu Jun 18 00:27:10 UTC 2015 [+] fstab entries # /etc/fstab: static file system […]
After the previous article we got the first key. Now for the second key we needed to move a notch higher into the system. We had a loot.dic so the best option seeing we only have the web application facing us so far would be bruteforcing it. root@mth3l3m3nt:~# wpscan -u http://192.168.238.101/ -U hacker123 -w ~/loot.dic […]
Extra Cleaning With CMD
This article is a basic little fix for the regular windows problems. At times your flash behaves funny but when you scan the antivirus claims it is clean. This is especially the case with new viruses. Its nice to do a quick check incase you suspect foul play for malware. So basically what we will […]
Eset Offline Updating
In order to Update ESET offline. You need to gather update files for the current update version from a machine that is up to date and whose update cache has not been cleared as we will get it from the cache then transfer. This has been tested upto ESET4 Business Edition and may vary slightly […]
Bypass Windows 7 Activation
There is usually a problem when using one of those keys that windows has black listed you get a screen as below during updates. One method is to remove or block installation of the update Windows Genuine Advantage Notifications (KB905474). Another alternative is to download the ready made WGA removers or activators like Hazar’s windows […]