Overview During a recent Red-Team engagement, we discovered a series of information disclosures on a site allowing our team to go from zero access to full compromise in a matter of hours. 1. Information disclosures in Apache HTTP servers with mod_status enabled allowed our team to discover.jar files,…
Recently on a pentest, we encountered a web application that allowed us to control command line args sent to the 'java' binary on the underlying server. We didn't see any resources published on how to gain arbitrary command execution with just control of the arguments to…
USB dropping is one of those famous 'hacker' moves from the 2000's that lives on in infamy. Although it is not our go to option during red teams and social engineering engagements, it can still prove to be a useful tool. This post will provide on…
We will be discussing a technique that isn't utilized too often anymore and has been around for many years, however appears to be forgotten... In the past few months most attempts I have observed at using userland binaries to keep relatively persistent and simple access [*not involving rootkits]…
Biscom Secure File Transfer is an application that gives the ability for companies to share files among users and focuses on being easy to use for the everyday user. It allows for users to send files without having to use FTP, email, or any possibly insecure method and has been…