Finding a Privilege Escalation in the Intel Trusted Connect Service Client

In this post, we will cover a privilege escalation that I found in the Intel Trusted Connect Service Client. The Connect Service Client is part of Intel Management Engine Components and is designed to permit a non-privileged user to become system. After communicating with Intel about the vulnerability, it was discovered that this was already…

The post Finding a Privilege Escalation in the Intel Trusted Connect Service Client appeared first on TrustedSec.

NetScaler Honeypot

The Citrix NetScaler remote code execution vulnerability (CVE-2019-19781) has been a pretty popular topic over the last few weeks. Once public exploits of the vulnerability started to appear in the wild, TrustedSec deployed a Citrix NetScaler honeypot. We did not have to wait long for the attacks to begin. Less than 24 hours after deployment,…

NetScaler Remote Code Execution Forensics

With the recent Citrix ADC (NetScaler) CVE-2019-19781 Remote Code Execution vulnerability, the TrustedSec Incident Response team has been working closely with our offensive and research teams as they created a working exploit. This has allowed us to create a list of locations and indicators to search for on potentially compromised Citrix ADC hosts. Based on…

Critical Exposure in Citrix ADC (NetScaler) – Unauthenticated Remote Code Execution

On December 17, 2019, Citrix released a critical advisory for a vulnerability that allows for remote code execution. Advisories like these come out often for organizations, and critical exposures are nothing new for any company. However, when digging into the remediation step details, this advisory gave a substantial amount of information on the exploit itself. What makes this…

Rekt by the REX

The request-to-exit (REX) passive infrared (PIR) sensor. You know the one. Spray canned air or smoke in its face, it becomes disoriented and unlocks the door. Spit a mist of alcohol in its face, it gets a buzz and unlocks the door. The butt of many “jokes” for how easily it provides unauthorized entry, but…

Automation Testing With Ansible, Molecule, and Vagrant

There is an old rule that if you find yourself doing anything more than twice, you should automate it. For developers, this may be software builds or the environments into which they will be deployed; for penetration testers, it may be the need to create a phishing host or a lab environment for testing. In…

Playing With Old Hacks

Recently, I was prepping for a session and wanted to show the old hack where you boot into a Windows setup using a USB stick and change out the utilman.exe with cmd.exe. Utilman.exe is the binary behind this icon here on the logon screen:

Figure 1 – Icon for Utilman.exe

First, follow these instructions to…

Working With the Department of Defense in 2020? Start Planning for the New Certification.

In what is certain to be a wake-up call for many organizations involved in Department of Defense contracts, the Cybersecurity Maturity Model Certification (CMMC) is set to become a part of life in 2020. Much like previous requirements, the CMMC requirements will also apply to subcontractors, and all Requests for Proposal (RFPs) will require CMMC…

A Message of Support: Coalfire Consultants Charged

If you haven’t been following recent news, two Coalfire employees, Gary DeMercurio and Justin Wynn, were performing a Physical Penetration Test against a Judicial Branch Building, the Dallas County Courthouse in the state of Iowa. The two employees were engaged by the Iowa State Judicial Branch to conduct the Physical Penetration Test, which is an…

Discovering the Anti-Virus Signature and Bypassing It

In this post, I am going to go over how to find the specific Anti-Virus signature using manual testing and then show techniques that can be used to bypass it. I am a big fan of LOLBins, so we are going to focus on the binary Regsvr32, which is a known binary that can be…
