In the modern world, almost every one of us has a mobile device in our pockets. Whether through Android, iOS, or even Windows, we have something that directly connects our lives to the internet. From texting to banking, smart phones can do it all. For better or worse, this means they are ripe for the picking in terms of an attack vector. Also according to the global market ... READ MORE
Bypassing Gmail’s Malicious Macro Signatures
Malicious macros in Excel spreadsheets are one of the most common methods of delivery in phishing attacks. If the premise is enticing enough, an unsuspecting user may download the document and enable macros which could result in arbitrary code being run on their system. In order to simulate a phishing campaign from an attacker, we at RSM will typically utilize the macro ... READ MORE
Leveraging MS16-032 with PowerShell Empire
It's not very often in the life of a pentester that you find a point-and-click exploit that works right out of the box. Most public scripts are simple proofs of concept that don't work in every scenario and must be modified to perform the desired action. In fact, the OSCP course from Offensive Security has a big section dedicated to altering existing code to make it work for a ... READ MORE
Approaches for Wireless Man-in-the-Middle
The wireless medium is inherently susceptible to man-in-the middle attacks. Whether the objective of such an attack is to capture traffic, or simply make an "evil" access point more believable by connecting clients to the Internet, there are a few different approaches one can take to inserting themselves between their target(s) and the Internet. This post explores two of ... READ MORE
Do That Auto Complete
These days we all enjoy the ease of use in graphical text editors. Some text editors will propose suggested words as your are typing. One thing that starts to move a generic text editor into more of a Integrated Development Environment (IDE) is the ability to get auto complete suggestions for common syntax and variable names. This simple little feature greatly improves the ... READ MORE
Intro to OSINT
*All images in this post were found using publicly available sources and should be used for educational purposes only One of the best things in the IT community is Open Source Software. Open source software is something where the a company develops a piece of software and then makes the source code publicly available, allowing anyone to look and manipulate the code. This has ... READ MORE
Do that Phish: King Phisher Video Guides
The Importance of Phishing Over the last few years, trending has emerged that clearly indicates social engineering, specifically phishing, is the most consistently reliable attack vector through which hackers gain access to target organizations. Given the non-technical, weak-link factor involved in responding to a well crafted phishing attack, how can organization best combat ... READ MORE
Create an Encrypted Leave-Behind Device
Consider this scenario: You've breached the physical perimeter of the target organization. Once inside, you need to establish some means of remote network access, whether for yourself or your teammates waiting on the outside. In this example, this takes the form of a device you plug in to an unattended network jack within the target organization. Whether you call this ... READ MORE
Building a Lab Network in ESXi
Every hacker I know is always looking for ways to practice and improve their skills. One of the things I feel that is in short supply, is access to realistic networks to actually break into. Even here on this blog, we have a lot of posts about systems you can create to subsequently hack. In the real world, though, you will need more skills than running (or even creating an ... READ MORE
Scripting RDP for Pillaging and Potato
Previous posts on the WarRoom have addressed expediting the use of remote desktop to facilitate pillaging. This post explores scripting commands through an RDP client to serve that same purpose. The end result is one-liner that will log in to a remote system, attach a local directory, execute a script, and save the output to that same local directory, provided the attacker has ... READ MORE