This tutorial focuses on the built-in tools in Windows, which you can use when a Windows server is not booting correctly. Booting to Safe mode Booting to safe mode eliminates all unnecessary boot up items, therefore it is useful in the event that you suspect that something that is boot … Continue reading
I have written about the flaw in the WPS system a few times. But a new WPS flaw has surfaced, which enables offline brute forcing of the WPS PIN, also called WPS Pixie Dust Attack. When the Registrar (the client computer) wants to connect to the Enrollee (the Access Point) they … Continue reading
Stored user credentials in Windows are normally not visible in plaintext for obvious reasons. But Windows stores the password in plaintext in the Local Security Authority Subsystem Service (LSASS) for some functions like HTTP Digest Authentication to work. So this French guy called Benjamin Delpy, create the application Mimikatz to … Continue reading
I was at a lecture introducing some of the new features of Powershell 5. One of the top selling points was the OneGet module. OneGet is a package manager for Windows much like Apt-get for *nix systems. It opens up a world of software deployment previously only known for *nix … Continue reading
Process Explorer is like Task Manager on drugs. I have been using it for years, and every time I decide to get to the bottom of it, I get sidetracked because it has so many uses. In this tutorial, we will have a look at some of the different task … Continue reading
Local File Inclusion (LFI) is an exploit, which involves gaining access to local system files of a web server, though a website. The vulnerability occurs when a website does not have proper validating on which files it can and cannot include. From an attackers point of view the gold of … Continue reading
In March 2012 a security breach was released regarding a vulnerability in the Remote Desktop Protocol (RDP). The vulnerability related to almost all Windows platforms, and was later released under CVE-2012-0002 and MS12-020 In short, the vulnerability enables an attacker to send a sequence of specially crafted RDP packets, which … Continue reading
In a former tutorial, I showed how to hack Windows 7 Account Password without any tools at all. In that tutorial I mentioned that there also where tools available to do this. Since I just lost the password to one of my virtual machines, I decided to make a quick … Continue reading
If you are Googling for software that allows you to use remote desktop from a Linux OS through a RD Gateway to another server – Stop! I spend hours doing the same with no luck. I tried out a bunch of tools with no luck either. Here is some of … Continue reading
Telnet is a old network protocol which has been around longer then the internet. It was created for the purpose of remote access for network resources. It sends its data in plain text and is therefore highly insecure. Nowadays it has largely been replaced by the encrypted Secure Shell (SSH). … Continue reading
