When a client requests a Social Engineering assessment, they are wanting to test any weaknesses found in the people themselves, not necessarily technology. After all, it's often easier to just ask someone directly for their password instead of trying to find an exploit for an application. In the context of a penetration test, typically this takes the form of impersonating ... READ MORE
CTF Example – Physical Challenges
In the Physical Challenge category, problems are focused on simulating technical skills that a consultant might have to use on an asssessment. Two major skills that come in handy are knowledge about lockpicking and security cameras. Lockpicking Lockpicking is something of both an art and a science. The scientific part is easy to understand as illustrated by this fantastic ... READ MORE
CTF Example – Web Application Security Part II
In our previous post, we talked about using robots.txt to uncover hidden information about a target website. By the end of this post you should be able to: Use dirb to spider a website for directory content Use Burp to attempt a brute forcing attack You will need the following: Kali Linux virtual machine installed and ready to go The following ISO file ... READ MORE
CTF Example – Hacking
CTF Example – Hacking Although hacking can have multiple different meanings, in the context of the RSM CTF the hacking category focuses on the active exploitation of vulnerable services. In this blog, you should expect to come away with the following skills: Use VMWare to set up and configure a safe test lab environment Use Nmap to find out what services are running on ... READ MORE
Running a Data URI Phishing Campaign with King Phisher
Data URI Phishing with King Phisher One of the newest techniques being blogged about in the security world is phishing through the data URI. Thanks to a viral Twitter post, many sites like Wordfence have published specific advisories to warn users about this type of attack. What makes this technique so effective is the ability to create a convincing address in the address bar. ... READ MORE
CTF Example – Coding
You sit there in front of your desk after getting hired in to a security position, and quickly realize that it is no point-and-click job. Security on both sides of the house leverage the power of programming to automate tasks. This can be anything from alerting on specific key words on logs, to making a quick script to gather information for the environment you just caught a ... READ MORE
CTF Example – Forensics
You might not realize it, but your files say a lot about your identity. Whenever you take a picture on a digital camera or cell phone, essential information called metadata is written into the image file. This data can include things like the model of camera, whether or not the flash fired, date, time, and even GPS coordinates. EXIF data is a specific subset of metadata ... READ MORE
Building a Convincing USB Drop
One of my favorite attack vectors is the USB drop. At RSM, our two go-to drops are the Rubber Ducky and backdoored executable files on a normal USB flash drive. We will typically load a Ducky with an Empire script which executes a PowerShell one-liner when plugged into a victim machine. The executable-loaded drives require the victim to mount and open the USB drive and then ... READ MORE
Meterpreter Transports: Digging in with your Shell!
The scenario is all too familiar: Its a been a long week of digital warfare, and you are about to call it quits. And then all of a sudden, you have a shell call back to your handler! You're in for the moment, but it's only a matter of time before that pesky blue team finds and blocks you. You now must waste precious time desperately trying to set up persistence in order to ... READ MORE
King Phisher Release 1.4
We are happy to announce the release of King Phisher version 1.4. King Phisher has supported Python 3 for several versions now and is now standard for new installations of King Phisher starting with this release. Anyone that utilizes the tool/install.sh script to install King Phisher will have it installed and configured utilizing Python 3. Users that use this method will ... READ MORE