Tag: Windows

• SideStep: Another AV Evasion Tool

  A few years ago I was working on a basic penetration test and came across a remote code execution vulnerability. I tried using Metasploit to deliver a payload but it became evident that the host’s antivirus software was removing the executable. See this article as a reference. This was shortly after the initial release of…

  Josh Berry

  June 24, 2015

  Metasploit, Penetration Testing, Python, Windows

  AV Evasion, CryptoPP, Hyperion, Metasploit, Meterpreter, msfvenom, peCloak, Penetration Testing, Python, Shellcodeexec, Veil, Visual, Windows

• SQLiPy: A SQLMap Plugin for Burp

  I perform quite a few web app assessments throughout the year. Two of the primary tools in my handbag for a web app assessment are Burp Suite Pro and SQLMap. Burp Suite is a great general purpose web app assessment tool, but if you perform web app assessments you probably already know because you are…

  Josh Berry

  September 22, 2014

  Burp, Linux, Penetration Testing, Python, Unix, Windows

  Burp Suite Pro, Java, Jython, Linux, Python, sqlmap, Web App Pentesting, Windows

• Directory Traversal to Administrator

  I wrote a post a while back on turning a directory traversal vulnerability into root access on Unix or Linux systems. The post and a tool I wrote to help facilitate attacks can be found here. These vulnerabilities can be fun because they are often rated as moderate risks, with CVSS scores around 5.0, and…

  Josh Berry

  August 14, 2014

  Penetration Testing, Windows

  Cain, Directory Traversal, Hashcat, Ophcrack, Windows

• Manually Penetrating the FCKedit Vulnerability – CVE-2009-2265

  I am seeing more and more scenarios where for whatever reason, the Metasploit modules, and modules from commercial solutions I use, aren’t successful against a known vulnerable host. This is often due to DEP or antivirus protections that I discussed here and again here. There can also be other security mechanisms at play from time…

  Josh Berry

  December 7, 2013

  Metasploit, Penetration Testing, Windows

  Adobe, Burp Suite Pro, ColdFusion, Metasploit, Meterpreter, mimikatz, Shellcodeexec, Veil, Windows

• Follow Up on DEP and AV Bypass

  This is a continuation of research based on my adventures on a penetration testing engagement described here. There were a few key features that I really wanted to add to enhance my DEP/AV bypass tool: Bypass a majority of AV systems Remove the dependency on the msvcr100d.dll file Combine the Metasploit payload in the shellcodeexec…

  Josh Berry

  November 5, 2013

  Metasploit, Penetration Testing, Windows

  CodeBlocks, CryptoPP, Hyperion, Metasploit, Meterpreter, msfencode, msfpayload, Penetration Testing, PyInjector, Shellcodeexec, Veil, VirusTotal, Visual Studio, Windows

• Adventures in Penetration Testing: When DEP and AV Muck it Up

  A while back I was performing a network penetration test and came across a remote code execution vulnerability in one of the web applications hosted at the site. It got me excited because I just knew it was going to result in some level of access to the host. It looked like a pretty simple…

  Josh Berry

  October 18, 2013

  Metasploit, Penetration Testing, Windows

  Metasploit, Meterpreter, msfencode, msfpayload, Penetration Testing, PowerShell, Shellcodeexec, Windows