
War Room

Shells from above


Blog

Analyzing Safe Exception Handlers

December 22, 2014 By Spencer

SafeSEH (Safe Structured Exception Handlers) is a Windows binary protection mechanism for 32-bit executables that has been around for a while now. When the option is enabled, the linker creates a list of valid exception handler addresses in the SEHandlerTable when the binary is being built. This protection prevents the execution of corrupted exception handlers which is a common ... READ MORE

Chromoting For Access

December 15, 2014 By Spencer

Chromoting Background: Google Chrome offers a service dubbed "Chromoting" which allows users to opt into allowing remote access to their systems for either personal reasons or technical support. To use this service a user must download Chrome, be logged into their Google account, and enable Chromoting via the Chrome Remote Desktop application. The remote desktop application, ... READ MORE

Understanding Radio Frequency Theory

November 14, 2014 By Ken Smith

I did a short series on attacking Wi-Fi for my personal blog last year, but I did not cover Enterprise Wireless. A few interesting tools have been released in the time that has passed, so I'm going to steal some of my own words as a short lead into a new post on conducting attacks against WPA/2-Enterprise wireless networks. The Spectrum: Electromagnetic energy is the basis on ... READ MORE

Request to Exit Sensor Bypass

November 6, 2014 By RSM Author

(Originally published by @coldfusion39) When performing Physical Attack and Penetration Tests, we occasionally find ourselves on the wrong side of a locked door. The exterior, or public side, of these doors is often controlled by an Access Control System utilizing either a Prox or iClass card reader. Due to various fire codes and regulations, the secured side of these doors ... READ MORE

King Phisher 0.1.6 Released

November 3, 2014 By Spencer

The latest version of RSM's phishing tool King Phisher has been released with numerous improvements. King Phisher is RSM's Phishing Campaign toolkit of choice, developed internally to meet the demands of the engagements that the team encounters. Some of the new features in this release include: Support for email messages with inline images that do not need to be ... READ MORE

Sophos UTM Home Edition – 2 – The Installation

October 22, 2014 By Ken Smith

UPDATE: Part 3 - The Setup, Part 4 - Definitions and Rules, and Part 5 - SSL VPN are now available. Now that we've discussed acquiring a Sophos UTM license and downloading the ISO, it's time for the install. This process is extremely straightforward assuming the hardware of choice is compatible. Should any questions arise, concerned users should reference the Hardware ... READ MORE

Enumerating User IDs On Smart Meters

October 20, 2014 By Spencer

The latest module for the Termineter Framework supports enumerating valid user IDs on smart meters as part of the C12.18 login process. This is particularly useful for certain smart meter vendors that allow the C12.19 general information tables #0 and #1 to be read with a valid user ID but no password. Enumerating user IDs on smart meters can also identify accounts that can ... READ MORE

Sophos UTM Home Edition – 1 – Getting Started

October 14, 2014 By Ken Smith

UPDATE: Part 2 - The Installation, Part 3 - The Setup, Part 4 - Definitions and Rules, and Part 5 - SSL VPN are now available. I recently built a house and was fortunate enough to be able to fill the walls with Cat6. This has allowed me to build out a significant home network which includes multiple wireless access points, a mixed Windows/Linux environment, and various other ... READ MORE

MS14-040 AFD.sys Dangling Pointer Further Analysis

October 6, 2014 By Spencer

In July of this year (2014), an excellent write up was released by Sebastian Apelt of Siberas on the vulnerability described in the MS14-040 advisory. This vulnerability is a dangling pointer in the AFD.sys driver that when successfully exploited can allow a program to execute code in the context of NT_AUTHORITY\SYSTEM. This is a significant vulnerability as there are currently ... READ MORE

The Importance of Understanding Your Tools

September 18, 2014 By Jeff

There are many qualities and skills necessary to be an effective penetration tester. Experience with a programming language or two is right at the top of that list. I don’t mean that you need to have a development background. Successful attackers should, however, be able to look at the tools and exploits they use and understand how they actually work. This exact issue came up on a ... READ MORE



Copyright © 2023 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.