I had the opportunity to pick up a Chromebook (Acer C720) on the cheap(er) this past weekend. A local high school was getting rid of those machines that had previously belonged to graduating seniors who had chosen not to buy them outright at the end of the year. I had never had much of a chance to play around in ChromeOS until now, so I was excited to get my hands dirty. I have ... READ MORE
Blog
Physical Penetration Tests – SOPs and Planning
This post describes some of the factors that a team should take into account while planning and executing a physical penetration test. As a disclaimer, some may find the heavy use of military jargon alarming. Such language is not intended to suggest or encourage an adversarial relationship between the security professionals and their clients; rather, it’s the simple result ... READ MORE
Collecting Volatile Data with AWK
On a recent forensics case, a coworker and I noticed some interesting logs on a Linux web server. TCPDump showed some strange traffic from a handful of IPs, but the access logs were not showing any visits from the offending addresses. The traffic was encrypted so it wasn't possible to see what was being sent, so we needed to do some additional digging. A lot is required to take ... READ MORE
Metasploit Module of the Month – ntlm_info_enumeration
This post will be the first in an ongoing series devoted to covering various modules in the Metasploit Framework and their uses. We hope that our readers will find this useful, as there are more modules added to the framework each day, as well as some obscure modules which are incredibly valuable. This entry in the series will examine one of the latter, ... READ MORE
Building a Vulnerable Box – Heartbleed
Patchwork may have wrapped this series up in his last post, but I've got one more to add. The Heartbleed bug (CVE-2014-0160) received a lot of press when it was discovered and disclosed in April of 2014, and deservedly so. The vulnerability was severe not only because of the sensitivity of the information it could leak, but also because of its prevalence across the ... READ MORE
MasterLock Combination Lock Vulnerabilty and Exploit
A couple of weeks ago, I came across an article from Samy Kamkar on how to successfully guess a combination for a standard MasterLock combination lock. It seemed pretty interesting so I gave it a try, and to my surprise it worked! However, a big downside was having to visit his website to run the algorithm in order to get the list of eight possible combinations. On a typical ... READ MORE
Building a Vulnerable Box – VNC Auth Bypass
This is going to be my last post in this series for the time being. Four vulnerable machines is a good start-up lab. The version of VNC we are going to use for this build is very out-of-date, but you'd be surprised (or maybe you wouldn't) on the frequency with which we encounter it on engagements. I haven't had a hit yet this year, but there were enough last year to warrant ... READ MORE
CTF – Exploit PCAP Walkthrough
RSM recently hosted a Capture the Flag competition for high school students in partnership with the University of Mount Union. Our team attempted to craft challenging but "solvable" problems for the participants to complete. When I was writing my challenges (they fell mostly in the Forensics category) my goal was to make problems that were something a high school student ... READ MORE
King Phisher 0.2.0 Released
Today, RSM is releasing the latest version of the King Phisher phishing campaign toolkit. This version adds some excellent features for visualizing the results of a campaign to help with the analysis. Some of the features in this version were referenced in the Advanced Phishing Techniques webinar hosted by the RSM King Phisher team in March. Some of the newest features in ... READ MORE
DLL Injection Part 2: CreateRemoteThread and More
Back for more? Good. I learned quite a bit doing the research for this portion of the series, and I have to give credit mostly to my sources. Check out the Open Security Research and Infosec Institute articles in the references. They go really in depth on this topic. I am not really expanding on their content, but I find that spending time explaining it helps me to better ... READ MORE