How to Phish Using a Jump Box Part 2

GoDaddy GUI Stuff 🙈 So in my first post I didn’t show how I had all the DNS things set up in GoDaddy. One thing I always get hung up on is adding the TXT record for Let’s Encrypt. I always find a way to mess up the TXT record somehow. This is how it should look when you’re waiting for the DNS registrar to update your Let’s Encrypt TXT record: Let’s Encrypt Setting

Helpful Tricks I Use to Get Domain Admin

So I was recently on an internal assessment (Thanks Hexcartel) and got to do some cool tricks I felt like sharing. Behold some tricks: Dumping LSASS on Windows 10 😋 Quick and Easy So, we all know you can’t just blast CrackMapExec and attach a C2 stager and get shells raining like you could in an unpatched Windows 7 network. See my post on “How I use Koadic on Internals”

Kiosk Escapes Pt. 3 - Mexico Edition!!

Storytime… 🎧 So this one’s gonna be short and sweet; more of a lesson than anything. So, for those of you that don’t follow me super close, I recently went on a trip to Cancun, Mexico; it was great in case you were wondering. Anywho, one of those days I noticed this huge kiosk that happened to be a 40-inch flatscreen touchscreen TV that listed the hotel’s special services and was there for public use.

How to Phish Using a Jump Box Part 1

Installing Postfix First thing you need to do to get started is install postfix on your jump box. ⋊> /e/gophish sudo apt-get install postfix Once you have it installed you’ll need to configure the main.cf file. After making changes to your main.cf file, make sure that the service actually runs. If you run the postfix service with sudo service postfix start, do a quick netstat and check that port 25 is open and listening.

How to Use Silent Trinity - Bresaola 0.3.0dev

Overview ☔ Yea…..so apparently there is very little documentation for the current build of Silent Trinity. I was in the office today and saw my boy TheTalilama figuring it out so I decided to hop in and see how it worked. It actually does a great job against Windows 10 from what I have seen from just fooling around with it. Let’s get into how it works. Download Silent Trinity!

Kiosk Escapes Pt 2 - Ft. Microsoft Edge!!

Backstory 📖 So…there was this one location in Vegas during Defcon 27 that had these PCs that could be used by the general public. Kiosks, as some would say… Well, I went over to them to see what all accessibility these kiosks had to offer out of general curiosity, you know, “can these let me access Facebook, GitHub, Reddit” etc. type stuff. Well, to my astonishment these kiosks had an interface that wouldn’t allow me to access the C:\ drive!

Installing Covenant v3.0 on Ubuntu 19

Intro There’s a lot of hype around the new version of Covenant 3.0 so I figured I’d share my installation experience with the world (I need content…shhhhh…lol). My boy Wraith said it was pretty legit so I had a quick look-see before hopping into bed. It def looks like a solid and modern framework that ups the ante for other C2 frameworks (you’ll never steal my heart from Koadic!❤).

How I Use Koadic on Internals

Overview I LOVE KOADIC!! Yes, this doesn’t work out of the box against Windows 10+ machines, but if you find yourself on a network with older Windows 7 and Windows Server 2012 and below machines, Koadic will gobble the network whole and very quickly. I guess I should note that much of what I love about it is its organization and implementation of Mimikatz, which is probably the real MVP of the tool.