• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

War Room

Shells from above

RSM logo

  • Home
  • About
  • Blog
  • Talks/Whitepapers
  • Tools
  • Recreation

R&D

A Beginner’s Guide to the CVE process

March 21, 2017 By Mike

Before I got into the security field full time, I made it my goal to someday discover a previously unpublished exploit that would warrant the assignment of a CVE. I was always amazed at the constantly updated Exploit-DB list and wanted to be able to make my own contribution to the database. This month, I was finally able to accomplish my goal and submit my first two ... READ MORE

Compromise a DCOS Server through a Docker Container

March 3, 2017 By Erik

Ever wonder how you can use a docker container to compromise the host? There is a simple process to do so, if you have the ability to start a docker container. With the increasing utilization of docker, there have been several cluster solutions developed. Among these solutions is DC/OS. By default, the installation is found to be rather insecure. The first couple of steps have ... READ MORE

King Phisher Release 1.6

January 30, 2017 By Erik

king fisher logo

We are happy to announce the long awaited release of version 1.6. The development of version 1.6 is massive compared to prior releases. The major changes are to the back-end API calls too and from the King Phisher server. Utilizing AdvancedHTTPServer capabilities for web sockets, the server will now alert the client when there are changes to the database tables. This allows ... READ MORE

Making Raw Syscalls on Windows From Python

January 20, 2017 By Spencer

Often times while writing a proof of concept for an exploit or doing vulnerability research its necessary to make a raw syscall on Windows. Usually syscalls are called by a thin wrapping function in userland, often provided as an exported function from within a DLL. Many of these userland functions modify and manipulate the arguments prior to passing them to the kernel, which ... READ MORE

Running a Data URI Phishing Campaign with King Phisher

January 19, 2017 By Mike

Data URI Phishing with King Phisher One of the newest techniques being blogged about in the security world is phishing through the data URI. Thanks to a viral Twitter post, many sites like Wordfence have published specific advisories to warn users about this type of attack. What makes this technique so effective is the ability to create a convincing address in the address bar. ... READ MORE

Customizing King Phisher Using Plugins

January 18, 2017 By Jeremy

With the ability to write your own plugins for King Phisher, basically the possibilities for what YOU want King Phisher to do have fallen into your hands. During the newer release for King Phisher, the development team has incorporated the ability to add your own plugins to allow customization on what you'd like the phishing tool to do. For example, we've started a plugin ... READ MORE

I’ve Got 1.2 Million Keys But A Private Ain’t One

September 6, 2016 By Spencer

GitHub has grown in popularity over the past few years as one of the defacto standard locations to share and collaborate on open source projects. Accounts on GitHub are encouraged to use key based authentication, and to that end, users to upload a public key to allow them to authenticate to their accounts while making changes to code. This summer I crawled, collected, and ... READ MORE

An Analysis of MS16-098 / ZDI-16-453

August 25, 2016 By Spencer

This past patch Tuesday, Microsoft released MS16-098, a patch for multiple vulnerabilities in "Kernel-Mode Drivers". Within this patch, the vulnerability identified as CVE-2016-3308 and ZDI-16-453 was addressed. This post is an analysis of this vulnerability and how it could potentially be leveraged by an attacker in the form of a Local Privilege Escalation (LPE) ... READ MORE

King Phisher Release 1.4

August 8, 2016 By Erik

king fisher logo

We are happy to announce the release of King Phisher version 1.4. King Phisher has supported Python 3 for several versions now and is now standard for new installations of King Phisher starting with this release. Anyone that utilizes the tool/install.sh script to install King Phisher will have it installed and configured utilizing Python 3. Users that use this method will ... READ MORE

Bypassing Gmail’s Malicious Macro Signatures

July 18, 2016 By Mike

Malicious macros in Excel spreadsheets are one of the most common methods of delivery in phishing attacks. If the premise is enticing enough, an unsuspecting user may download the document and enable macros which could result in arbitrary code being run on their system. In order to simulate a phishing campaign from an attacker, we at RSM will typically utilize the macro ... READ MORE

  • « Go to Previous Page
  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to page 5
  • Go to page 6
  • Go to Next Page »

Primary Sidebar

Categories

  • Defense
  • Forensics
  • Offense
  • Physical
  • R&D

Most Viewed Posts

  • DLL Injection Part 1: SetWindowsHookEx 10.8k views
  • Sophos UTM Home Edition – 3 – The Setup 10.8k views
  • Leveraging MS16-032 with PowerShell Empire 10k views
  • Bypassing Gmail’s Malicious Macro Signatures 9.8k views
  • How to Bypass SEP with Admin Access 8.9k views

Footer

  • RSS
  • Twitter
  • Tools
  • About
  • RSM US LLP

+1 800 903 6264

1 S Wacker Dr Suite 800
Chicago, IL 60606

Copyright © 2023 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.