Quick Hit: Base64 PowerShell Exfiltration

Okay, so you’ve landed in a constrained language PowerShell on a remote box, and the local application security policy is stopping you from using all the regular stuff (e.g. netcat, opening network connections, etc)… but you need to exfil a medium amount of binary data.  How would you do that?

The following isn’t perfect, but it’s the solution I used recently… feel free to share better solutions! 🙂

Continue reading “Quick Hit: Base64 PowerShell Exfiltration”

Quick Hits: Screen

Ever been frustrated by a session that was running remotely when your SSH/nc/1337shell.phpaspxcf dropped, and all that work was wiped out in the blink of an eye because when that died your shell did too, and the OS was nice enough to clean it all up?

Yeah, it sucks. Fortunately, there’s an easy way to handle that, and it’s called “screen”. Let’s dive in.
Continue reading “Quick Hits: Screen”

QuickHit: wget Website Mirroring

You may often need to mirror all (or part) of a website for offline analysis.  The ‘wget’ program has some easy features to use when you want to quickly get a local copy of a site and correct common issues (like links pointing to server locations).  Set up one of these behind the scenes while you work on other aspects, then peruse at your leisure.

Update 2018-07-21: Or just use the script I wrote to simplify this for my customized Kali build, available here.

Continue reading “QuickHit: wget Website Mirroring”

Identifying JTAG

This is a quick-hit post because as I’ve been working on some hardware hacking efforts I realized that while there are a lot of good resources on identifying JTAG interfaces and standards, there wasn’t really a good single page view of them.  With that in mind, I lifted the following images from the excellent resource at http://www.jtagtest.com/pinouts/ and put them into a single page view.  Full credit to JTAGtest… I just wanted something I could quickly reference.

Continue reading “Identifying JTAG”

Powered by WordPress.com.

Up ↑