hack

How to use Responder to capture NetNTLM and grab a shell

NTLMv2

Responder: The Ultimate Tool for Samba Server Hijack and NetNTLM Hash Theft In the vast arsenal of cybersecurity tools, Responder stands out for its unique capability to masquerade as a rogue Samba server, opening up avenues to pilfer NetNTLM hashes with finesse. Here’s a deep dive into harnessing this tool …

Read More »

Utilizing a Common Windows Binary to Escalate to System Privileges

Windows pwnage courtesy of trusted Windows binaries Introduction If you’ve ever tried to run a command prompt as administrator on your Windows OS before, you’ve seen a harmless popup appear. This is Windows User Account Control, or UAC. According to Microsoft, UAC “is a fundamental component of Microsoft’s overall security …

Read More »

PrintNightmare CVE-2021-34527 exploit Mitigation to keep your Print Servers running while Microsoft Patch Doesn’t Really work Effectively

A regular domain user can easily take over the entire Active Directory domain. While we still recommend that the print spooler service should be disabled on any system that does not need it, we also want to provide a temporary workaround to make the exploit ineffective, while allowing you to …

Read More »

Active Directory Exploitation [EVERYTHING]

Summary Active Directory Exploitation Cheatsheet Summary Tools Domain Enumeration Using PowerView Using AD Module Using BloodHound Useful Enumeration Tools Local Privilege Escalation Lateral Movement Powershell Remoting Remote Code Execution with PS Credentials Import a powershell module and execute its functions remotely Executing Remote Stateful commands Mimikatz Useful Tools Domain Privilege …

Read More »

Hosting and hiding your C2 with Docker and Socat

Abstract We want to run a simple C2 that is not exposed to the internet, with multiple socats redirecting our payload delivery and session handling correctly. All this with the help of Docker. It’s straightforward once you’ve gotten the grip. Why Using containers means we get the “it always works” …

Read More »

RFSec-ToolKit V1.7

RFSec-ToolKit is a collection of Radio Frequency Communication Protocol Hacktools which are from the github platform,and Hacking Tutorial from youtube、blog post, including SDR、2G GSM、3G 、4G LTE 、5G、NFC&RFID、ZigBee and so on. SDR Resources SDR-HardWare to be used RTL2832U:RTL-SDR is a very cheap software defined radio that uses a DVB-T TV tuner …

Read More »

Post Exploitation Hacking Techniques

we’ll talk about post exploitation hacking techniques you can use after having a meterpreter shell on a remote system. You’ll see things like: Privilege Escalation Maintaining Access Data Harvesting Weak Password Cracking NOTE: Don’t take this guide as standard methodology. The purpose is to show different “tips and tricks” you …

Read More »

exploit windows PC using eternalblue smb remote windows kernel pool corruption

This module is a port of the Equation Group ETERNALBLUE exploit, part of the FuzzBunch toolkit released by Shadow Brokers. There is a buffer overflow memmove operation in Srv! SrvOs2FeaToNt. The size is calculated in Srv!SrvOs2FeaListSizeToNt, with mathematical error where a DWORD is subtracted into a WORD. The kernel pool …

Read More »