Quick Hit: Base64 PowerShell Exfiltration

Okay, so you’ve landed in a constrained language PowerShell on a remote box, and the local application security policy is stopping you from using all the regular stuff (e.g. netcat, opening network connections, etc)… but you need to exfil a medium amount of binary data.  How would you do that?

The following isn’t perfect, but it’s the solution I used recently… feel free to share better solutions! 🙂

Continue reading “Quick Hit: Base64 PowerShell Exfiltration”

Quick Hits: Screen

Ever been frustrated by a session that was running remotely when your SSH/nc/1337shell.phpaspxcf dropped, and all that work was wiped out in the blink of an eye because when that died your shell did too, and the OS was nice enough to clean it all up?

Yeah, it sucks. Fortunately, there’s an easy way to handle that, and it’s called “screen”. Let’s dive in.
Continue reading “Quick Hits: Screen”

Quick Tip: Linux and Rufus

Just learned today:


If you are making a bootable disk from a Linux distro using Rufus and it won’t mount, try creating it using the DD option.

Apparently, Linux sometimes only likes its own tools being used on it.


Bonum Venandi,


RFID Fundamentals

I realized I didn’t have any good notes on Radio Frequency Identification (RFID) tags/badges/etc, so I figured it was time to compile that and update it while I’m at it.  This post is just a quick run-down of the frequencies, types, and common cards/IDs.  If you don’t know what an RFID is, for the purposes of most pentesting it’s a security badge or a key fob, like you can see in the image at the top of this posting.

Continue reading “RFID Fundamentals”

Create a website or blog at WordPress.com

Up ↑