Chocolatey – Apt-get for Windows

I was at a lecture introducing some of the new features of Powershell 5. One of the top selling points was the OneGet module. OneGet is a package manager for Windows much like Apt-get for *nix systems. It opens up a world of software deployment previously only known for *nix … Continue reading

Share Button

Process Explorer

Process Explorer is like Task Manager on drugs. I have been using it for years, and every time I decide to get to the bottom of it, I get sidetracked because it has so many uses. In this tutorial, we will have a look at some of the different task … Continue reading

Share Button

Local File Inclusion & Remote Command Execution

Local File Inclusion (LFI) is an exploit, which involves gaining access to local system files of a web server, though a website. The vulnerability occurs when a website does not have proper validating on which files it can and cannot include. From an attackers point of view the gold of … Continue reading

Share Button

MS12-020 RDP Vulnerability PoC & Analysis

In March 2012 a security breach was released regarding a vulnerability in the Remote Desktop Protocol (RDP). The vulnerability related to almost all Windows platforms, and was later released under CVE-2012-0002 and MS12-020 In short, the vulnerability enables an attacker to send a sequence of specially crafted RDP packets, which … Continue reading

Share Button

ActivPasswordChanger

In a former tutorial, I showed how to hack Windows 7 Account Password without any tools at all. In that tutorial I mentioned that there also where tools available to do this. Since I just lost the password to one of my virtual machines, I decided to make a quick … Continue reading

Share Button

Banner Grabbing and Emailing via Telnet

Telnet is a old network protocol which has been around longer then the internet. It was created for the purpose of remote access for network resources. It sends its data in plain text and is therefore highly insecure. Nowadays it has largely been replaced by the encrypted Secure Shell (SSH). … Continue reading

Share Button

Netcat Basics

Netcat is an awesome network tool, which can be used for pretty much anything network related. File transfers, remote access, tunneling and network debugging is some of the common tasks it is often used for. Netcat is found for both nix and Windows systems. In this tutorial, we are going … Continue reading

Share Button

Hack Windows 7 Account Password

The password protection in Windows is a good precaution against nosy individuals. But really it is not that safe. If someone really want to get access to a password protected Windows computer – they probably will. There are software out there to help you do this, but with the right … Continue reading

Share Button

Aircrack vs. Hashcat

There are two types of bruteforce attacks – raw bruteforce and dictionary attacks. A raw bruteforce attack means trying every single password within the specified limits, and a dictionary attack means only trying passwords from a dictionary file. With more and more powerful hardware in household computers, it’s becoming possible … Continue reading

Share Button

Find cleartext passwords in memory dump

The Random Access Memory (RAM) is where system components, applications and other data is kept, while the computer is working with it. It is placed there often in clear text for fast access, but there is a security risk involved in this, which is often ignored. In this tutorial, we’ll … Continue reading

Share Button