Hash Spraying Attack

-

Hello folks,

A couple of weeks ago I put together a Medium Story about the Hash Spraying Attack. Enjoy it!


Comments

Post a Comment

Popular posts from this blog

Google Cloud Security - Enumeration using curl

-
Hello folks, It is been a while since my last post. Recently the GitLab Red Team published a pretty comprehensive material about privilege escalation and post exploitation tactics on the Google Cloud Platform (GCP). I've made a fork of their enumeration tool and added a few enumerations to it. Aside of it, I've also created a second enumeration tool which is totally independent on the Google Cloud SDK being installed on the target machine, requiring only curl. Check it out here !
Read more

MS17-010 executable exploit for local/remote privilege escalation

-
Hi there, Few months ago I modified a version of the Worawit Wang: GitHub zzz_exploit for MS17-010. The new version implements a few options such as username/password specification and an arbitrary command to be executed. It does not change anything related to the SMB exploitation This is a bundle with an executable and dependencies and DOES NOT require any python install. This is very suitable for scenarios where one has low privilege access to a vulnerable Windows but does not have any Python available nor Metasploit for proper exploitation. I hope you enjoy it. Here it goes: MS17-010 exploit .
Read more