Sunday, October 14, 2018

Stinging with a sharp serpent: Windows post-exploitation with SILENTTRINITY & IronPython

PowerShell is beginning to lose its power for offense as detection and mitigation of PowerShell-based attacks rise, and the focus is currently shifting to C# for tool creation, since it can tap the .NET Framework directly, much as PowerShell does. DerbyCon 8 had a ton of amazing talks, and I am only now catching up on all of them (thanks Irongeek!)...

Saturday, October 13, 2018

Non-alphanumeric characters in my alphanumeric encoded payload - Exploration with NNM 7.53

After watching the DEF CON 16 talk by Muts about the 0-day they discovered in the NNM service and how they overcame all the crazy obstacles they were faced with, I wanted to learn more about this and explore it in depth.

DEFCON 16: BackTrack Foo - From bug to 0day: https://www.youtube.com/watch?v=gHISpAZiAm0
Original PoC: https://www.offensive-security.com/0day/hp-nnm-ov.py.txt

While...