• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

War Room

Shells from above

RSM logo

  • Home
  • About
  • Blog
  • Talks/Whitepapers
  • Tools
  • Recreation

R&D

King Phisher 0.2.0 Released

April 28, 2015 By Spencer

Today, RSM is releasing the latest version of the King Phisher phishing campaign toolkit. This version adds some excellent features for visualizing the results of a campaign to help with the analysis. Some of the features in this version were referenced in the Advanced Phishing Techniques webinar hosted by the RSM King Phisher team in March. Some of the newest features in ... READ MORE

Build Your Own Pentest Pi

March 27, 2015 By Jeremy

Raspberry Pis are really a thing of beauty. They're extremely versatile and can perform multiple tasks in spite of their small size and power. I currently own three! One is currently serving as a Kodi media server at home, and the second is a portable media server for my daughter. I most recently acquired a Pi 2.  The Raspberry Pi 2 debuted last month and sports a new hardware ... READ MORE

King Phisher 0.1.7 Released

February 20, 2015 By Spencer

We are very pleased to announce today that the latest release of RSM's open source phishing toolkit, King Phisher, is now available. This latest release has lots of new features, client GUI improvements and stability fixes. Some of the highlights of version 0.1.7 include: Integration for checking SPF records Automatic CSRF page generation Full support for serving ... READ MORE

Walking The Stack Back To Userland

February 10, 2015 By Spencer

The nature of writing kernel exploits is tricky. The necessity for reliable exploitation is paramount given that a failure will likely result in system instability usually manifested in the form of a kernel panic / BSOD. Depending on the nature of the vulnerability, maintaining stability after the attacker's shellcode has run can be a real challenge. Often times structures are ... READ MORE

Generating Time-based One-time Passwords With PowerShell

February 5, 2015 By Jeff

In this post I will be explaining how to leverage PowerShell to create a time-based one-time password (TOTP).  If you are not familiar with the concept of one-time passwords, the key point is that they are passwords that can be used only (drum roll) one time.  If you require more information please see this Wikipedia article. If you have ever used RSA's SecurID or Google's ... READ MORE

Analyzing Safe Exception Handlers

December 22, 2014 By Spencer

SafeSEH (Safe Structured Exception Handlers) is a Windows binary protection mechanism for 32-bit executables that has been around for a while now. When the option is enabled, the linker creates a list of valid exception handler addresses in the SEHandlerTable when the binary is being built. This protection prevents the execution of corrupted exception handlers which is a common ... READ MORE

Chromoting For Access

December 15, 2014 By Spencer

Chromoting Background Google Chrome offers a service dubbed "Chromoting" which allows users to opt into allowing remote access to their systems for either personal reasons or technical support. To use this service a user must download Chrome, be logged into their Google account, and enable Chromoting via the Chrome Remote Desktop application. The remote desktop application, ... READ MORE

King Phisher 0.1.6 Released

November 3, 2014 By Spencer

The latest version of RSM's phishing tool King Phisher has been released with numerous improvements. King Phisher is RSM's Phishing Campaign toolkit of choice, developed internally to meet the demands of the engagements that the team encounters. Some of the new features in this release include: Support for email messages with inline images that do not need to be ... READ MORE

Enumerating User IDs On Smart Meters

October 20, 2014 By Spencer

The latest module for the Termineter Framework supports enumerating valid user IDs on smart meters as part of the C12.18 login process. This is particularly useful for certain smart meter vendors that allow the C12.19 general information tables #0 and #1 to be read with a valid user ID and but no password. Enumerating user IDs on smart meters can also identify accounts that can ... READ MORE

MS14-040 AFD.sys Dangling Pointer Further Analysis

October 6, 2014 By Spencer

In July of this year (2014), an excellent write up was released by Sebastian Apelt of Siberas on the vulnerability described in the MS14-040 advisory. This vulnerability is a dangling pointer in the AFD.sys driver that when successfully exploited can allow a program to execute code in the context of NT_AUTHORITY\SYSTEM. This is a significant vulnerability as there are currently ... READ MORE

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 4
  • Go to page 5
  • Go to page 6

Primary Sidebar

Categories

  • Defense
  • Forensics
  • Offense
  • Physical
  • R&D

Most Viewed Posts

  • DLL Injection Part 1: SetWindowsHookEx 10.8k views
  • Sophos UTM Home Edition – 3 – The Setup 10.8k views
  • Leveraging MS16-032 with PowerShell Empire 10k views
  • Bypassing Gmail’s Malicious Macro Signatures 9.8k views
  • How to Bypass SEP with Admin Access 8.9k views

Footer

  • RSS
  • Twitter
  • Tools
  • About
  • RSM US LLP

+1 800 903 6264

1 S Wacker Dr Suite 800
Chicago, IL 60606

Copyright © 2023 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.