If you’ve read previous posts on here you know that I am a big fan of CrackMapExec. One of the things that makes it particularly useful is I can run a payload against multiple targets at once. A variety of payloads exist, though my favorites are “mimikatz” and “met_inject”, which executes Meterpreter shellcode on a…
Securing a default installation of MacOS
This was originally written as the basis for a GIAC Gold paper. Ultimately, it was not unique enough to warrant a research paper, but will provide an overview of the security features of MacOS. As of mid 2016, MacOS captures nearly 10% of the global market for desktop PC software. While Apple computers…
Control your Mac with an iPhone app – An analysis of HippoRemote
Applications that are in use on Macs often times are under less scrutiny for security compared to their Windows alternatives. When researching popular apps in use on OS X I found an app on the iPhone called HippoRemote. It appears to be quite popular, with a combined 7,558…
Using email for persistence on OS X
In this post we will cover how we can use Mail.app on OS X to persist. I was inspired by similar tools which are designed to work with Microsoft Outlook. I first stumbled upon this article from MWR InfoSecurity, and then this blog post from Silent Break Security. While rules in Mail.app will not replicate…
Privilege escalation on OS X – without exploits
This blog post is about ways to escalate privilege on OS X without the usage of exploits. While exploits are always nice to have, there are other ways in which you can gain root privileges on your target. By using misconfigurations with a little bit of social engineering you can get your victim to escalate…
Categories
n00py Blog
- Protected: Aw, Sugar. Critical Vulnerabilities in SugarWOD
- The SOCKS We Have at Home
- Bypassing Amazon Kids+ Parental Controls
- Bypassing Okta MFA Credential Provider for Windows
- CactusCon 2023: BloodHound Unleashed
- Exploiting Resource Based Constrained Delegation (RBCD) with Pure Metasploit
- Practical Attacks against NTLMv1
- Password Spraying RapidIdentity Logon Portal
- Manipulating User Passwords Without Mimikatz
- Unauthenticated Dumping of Usernames via Cisco Unified Call Manager (CUCM)
December 2024 M T W T F S S 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Archives
- October 2024
- January 2024
- April 2023
- February 2023
- January 2023
- October 2022
- March 2022
- January 2022
- September 2021
- May 2021
- December 2020
- August 2020
- May 2020
- February 2020
- January 2020
- December 2019
- June 2019
- March 2019
- October 2018
- August 2018
- June 2018
- April 2018
- March 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- June 2017
- April 2017
- March 2017
- January 2017
- October 2016