April 26, 2018

Category: Scripts

KT Labs EP4 :: Automation using Ansible for Network Engineers

In this Vlog, I discuss how Ansible can be leveraged by engineers to automate configurations and save time. Ansible files for download: https://blog.synack.co.uk/download/kt-labs-ep4-ansible-files/ More about setting up Ansible: https://wp.me/p8lfsH-mn Ansible Documentation: http://docs.ansible.com/   Getting started with automation using ansible from Kelvin Charles    

Ansible :: Creating a Test Environment

In this article, I will go over the basics of what is required to get Ansible up and running so that you can create and run your own playbooks. I assume those that are reading this have at least some knowledge of what Ansible is, what languages it uses and the benefits of using Ansible. […]

Getting really low :: Backdooring an EXE

So recently I started my OSCE and part of it is backdooring an executable and doing some other things.  There are loads  of guides on the interwebz that basically just regurgitate the course content verbatim and claim it as their own.  I won’t provide links but trust me, they are out there.  These sites / blogs […]

My first Exploit-DB Post!!

Recently I’ve started to get interested in bug hunting to further my understanding of all sorts of programming languages and I highly recommend it! Today I decided to turn my attention to the Netman 204 card by Riello which is a small network management card which provides the ability to monitor Riello UPS products and […]

Using PowerSploit to inject MSFVenom shellcode

This article will discuss how we can use the rather brilliant PowerSploit project, coupled with MSFVenom, to inject a staged Meterpreter reverse HTTPS shell into a running process.  This script can then be Base64 encoded and used in a USB HID attack or a macro malware document and I will write the relevant guides for […]

PowerShell :: Base64 to string

Completing the numerous something to Base64 and back again scripts is this little one liner to get a string back from a Base64 encoded string.  This is useful a lot when doing offensive security as it allows you to store a script in Base64 then iex the decoded string.  ieex being an awesome PowerShell command […]

USB HID – Teenyduino keyboard led feedback

After doing a bit of Google-Fu I managed to work out how to read the state of the simulated keyboard LEDs for the Teensyduino.  It turns out you read a single value with the predefined variable keyboard_leds which when converted to binary shows the state of each LED in the least significant bits.  The what?  Let’s […]

USB HID – what to do when cmd and run are disabled

All the articles I can find on the internet for the USB HID attack vector revolve around using one of two initial shell access methods.  These are: Windows key + R — Open a run  prompt Windows key, type “CMD”, press ENTER — Open a command window Anyone who has worked in enterprise IT in the […]

USB HID attack – A zero to hero guide

I’ve had a Teensy USB 3.2 Arduino board for around a year now with the intention of playing with some USB HID attacks and creating this blog has finally motivated me to do it.  Hurrah for the blog.  If you haven’t heard or seen anything about USB HID attacks they are a pretty neat little attack […]

Python :: break a string into lines of Hex

You may have seen output like this in programs such as HxD and it can be really useful.  I forgot the exact reason I needed this script, but it will take a string and output it in definable line lengths of hexidecimal.  It may be easier to see it in the screen below.  If you […]
Page 1 of 3123 »

Subscribe to SYNACK via Email