But What About WebApps? - SSH to the Rescue

So, there I was, on a penetration test and needed to see some web apps that a client had in-house. I had a PwnPro plugged in; however, the VPN proxy script provided was not working and my connection became wonky--and eventually FUBAR--when trying. In comes SSH to the rescue. As usual for these posts, this is really a personal instructional for later. That being said, you are more than welcome to use whatever you can.
The Setup
Just so there is an overview, I was recently on an internal penetration test. For this test, however, I was completely remote and…

Evasion is Getting Easier?

This is a bit of an odd one. While on an assessment, I was tasked with evading detection from an external perspective. I noticed some weird things this industry is doing to make external evasion easier for us attackers. As usual, I could be entirely wrong.
Noise
Perhaps one of the largest issues when it comes to SIEM is noise. In other words, a ton of offenses that are false positives or not of any business concern. Generally speaking, this is where companies will 'tune' a SIEM. This involves creating rule sets, specifying thresholds, etc. When it comes to the…

Basic Pivoting With Meterpreter

While this topic has been discussed extensively online, it seems that few people pay attention to markup language and/or links on their posts. How annoying is that?! Really, this post is for my own reference; however, you are more than welcome to use it. ;)
The Situation
In a recent assessment, I was asked to please ensure that if I infect a host that I use said host to tunnel subsequent meterpreter sessions through. One of the reasons for this was to replicate an attacker pivoting systems to further scan, infect, etc. other systems on the network and other subnets.…

