Last year, vulnerabilities were discovered in Windows which – using Microsoft’s Encrypting File System Remote Protocol (MS-EFSR) – allowed exploitation via Active Directory Certificate Services (AD CS). Whilst Microsoft provided patches which prevented the original PetitPotam attack, another called ShadowCoerce used a different endpoint and allowed a similar route to […]
There is no excerpt because this is a protected post.
This weeks exciting episode of Hack The Box was breaking into RouterSpace, a very easy box that took longer than it should. I ended up with a pair of speed bumps. One was because I couldn’t get an Android emulator running on my usual Kali box in the way I […]
Over the years I’ve run quite a few different websites. Most of them have ended up in Internet dustbin but now and again there is content I want to preserve. Recently I pulled a site from a server that was so old it’d begun making trips to Bournemouth and getting […]
Around a decade or so ago Chris Tarrant used to be the host of a show called Who Wants To Be a Millionaire? shown on ITV in the UK. This show has become a franchise sold worldwide, so wherever you are reading this, you’ve probably seen an incarnation on your […]
It’s been a few months since we popped a shell on Hack The Box. I didn’t fancy a migraine today though, so it’s just an easy box we’re going after. Starting with some basic enumeration, I ran nmap which never seemed to complete for some reason. I wasn’t really waiting […]
It seems a number of countries are becoming increasingly hostile to foreign news broadcasters. Whilst some would argue that the BBC is not impartial, I’m inclined to – mostly – disagree. In general, within the UK, I’d say they manage to annoy those on both sides of an argument. Conservatives […]
The BBC recently released an article regarding an announcement by the FBI pertaining to cyber attacks, which contained recommendations for athletes that would be attending the Beijing Olympics. The article, https://www.bbc.co.uk/news/technology-60215250 strangely though doesn’t cover the main reason why this is being suggested. A sizeable chunk of my technology and […]
Many people are already aware of the scams that start with Smishing (SMS Phishing). For the uninitiated, this is where a malicious actor sends SMS messages to try to get a victim to click a link. They normally suggest that a payment has failed and that the victim will lose […]
Shoppers of Angling Direct were in for a bit of a surprise recently if they navigated to the fishing stores website. Instead of being able to review the latest equipment to catch a big fish, they were directed to a well known pornography website. Checking their social media it, and […]