Posts

Eternalblue test for Windows Server Standard 2008 SP1 32bit

This is a test of an Eternalblue exploit script from worawit: https://github.com/worawit/MS17-010/blob/master/eternalblue_exploit7.py

The script claims to have been tested on:
- Windows 7 SP1 x64
- Windows 2008 R2 SP1 x64
- Windows 7 SP1 x86
- Windows 2008 SP1 x64
- Windows 2008 SP1 x86

Get the main script:

wget https://github.com/worawit/MS17-010/raw/master/eternalblue_exploit7.py
dos2unix eternalblue_exploit7.py

There is some shellcode required that has to be assembled. I downloaded and installed NASM on a Windows VM. On my Windows 7 32 bit VM I downloaded the kernel shellcode from: https://raw.githubusercontent.com/worawit/MS17-010/master/shellcode/eternalblue_kshellcode_x86.asm

I saved the shellcode into a file called: sc_x86_kernel.asm

The shellcode needs to be in a raw binary form. I should be able to use NASM with the -f bin option to compile the assembly code to a raw binary file.

C:\Users\nc\AppData\Lo...

Keepnote Notes

Keepnote

Quite a while ago I decided to embark on the journey towards the OSCP certification. One of the recommended applications for keeping notes during the penetration test of the lab environment and eventually the exam is the Keepnote application. This blog post is just a few tips that I have compiled on my way towards successfully using Keepnote.

Keeping It Synchronized Across Systems

One of the first challenges that I have run into is the strategy for keeping a Keepnote notebook synchronized between computers. I suppose one option is to simply store and access the notebook from a USB key. This doesn't work for me since my strategy concerning USB keys is to never walk away from a computer while a USB key remains inserted into it. This is especially important when you are in a work environment or other potentially hostile environment where your USB key (or external drive) could be swiped or infected by a 3rd party, etc. I found that copying the Keepnote ...

Smbexec Install for Kali 2016.2

This is my how-to, current as of August 31, 2017.

Context
Kali Linux 2016.2 after:
apt-get update
apt-get upgrade
apt-get dist-upgrade
apt autoremove
restart

Reason
Training, see: https://www.cybrary.it/course/advanced-penetration-testing/
Video: https://www.cybrary.it/video/post-exploitation-part-4/

Downloads
cd /opt
git clone https://github.com/pentestgeek/smbexec.git
git clone https://github.com/libyal/libesedb.git
git clone https://github.com/csababarta/ntdsxtract /opt/NTDSXtract
wget https://raw.githubusercontent.com/infoassure/dumpntds/master/dshashes.py -O /opt/NTDSXtract/dshashes.py

Install Required Tools/Libraries
apt-get install automake autoconf autopoint gcc-mingw-w64-x86-64 libtool pkg-config passing-the-hash ruby-nokogiri ruby-libxml libxml2-dev libxslt1-dev

Build libesedb
cd /opt/libesedb/
./synclibs.sh
./autogen.sh
./configure
make

Install Bundler
gem install bundler

Install Smbexec
First edit the file /opt/smbexec/smbe...