The correct IP address is sometimes all you need to exploit a remote target.
Continue reading Exploiting stale ADIDNS entries
Category: Pentest
Apache Solr 8.3.1 RCE from exposed administration interface
Back in 2020, during an external pentest, I stumbled upon a visible Solr administration panel. With nothing else of interest, I focused on this specific application to test what was hidden underneath.
Continue reading Apache Solr 8.3.1 RCE from exposed administration interface
Bypassing LSA Protection in Userland
In 2018, James Forshaw published an article in which he briefly mentioned a trick that could be used to inject arbitrary code into a PPL as an administrator. However, I feel like this post did not get the attention it deserved as it literally described a potential Userland exploit for bypassing PPL (which includes LSA Protection).
Continue reading Bypassing LSA Protection in Userland
State of Pentesting 2020
To many people, pentesting (or hacking in a broader sense) is a dark art mastered by some and poorly understood by most. It has evolved quite substantially throughout the years, guided by new vulnerabilities, changing behaviours and maybe most importantly the development and release of new tools, be they offensive or defensive.
Continue reading State of Pentesting 2020
Continuous Pentesting
At SCRT, we have been performing penetration tests for nearly 20 years now and have always tried to improve our methodologies to match client expectations and deliver the most accurate and useful results from each test we undertake.
Continue reading Continuous Pentesting
Metasploit psexec resurrect
What a joy!
I just received this nice email from GitHub tonight:
Meatballs1 merged commit 1a3b319 into from
My 2-year-old pull request to Metasploit was just accepted!
Continue reading Metasploit psexec resurrect
The Metasploit framework – 2/2
This post follows the publication of the first part of the article on the Metasploit framework published in issue 52 of MISC magazine by Julien Bachmann and Nicolas Oberli.
Continue reading The Metasploit framework – 2/2
The Metasploit framework – 1/2
In issue 52 of MISC magazine, Julien Bachmann and Nicolas Oberli published an article describing the use of the Metasploit framework in the context of a fictitious intrusion. This article has been split into two parts, which will be published on this blog.
Continue reading The Metasploit framework – 1/2
Metasploit: Displaying the password policy
Metasploit no longer needs an introduction. A true toolbox for the pentester, its many modules make it possible to carry out a number of operations within a single tool.
Continue reading Metasploit: Displaying the password policy