Another PDF Streams Example: Extracting JPEGs, (Fri, May 17th)
In my diary entry “Analyzing PDF Streams” I showed how to use my tools file-magic.py...
Read MoreIn my diary entry “Analyzing PDF Streams” I showed how to use my tools file-magic.py...
Read MoreIn my diary entry “Analyzing PDF Streams” I showed how to use my tools file-magic.py...
Read MoreI was recently asked to “recover” a RADIUS key from a Microsoft NPS server. No problem I think, just export the config and it’s all there in clear text right? … yes, sort of … The XML file that...
Read MoreI had an interesting call from a client recently – they had a number of “net use” and “psexec” commands pop up on a domain controller, all called from PSEXEC (thank goodness for a good EDR deployed...
Read MoreThis month we got patches for 67 vulnerabilities. Of these, 1 are critical, and 1 is being exploited according to Microsoft. The critical vulnerability is a Remote Code Execution (RCE) affecting the Microsoft Sharepoint Server...
Read MoreApple today released updates for its various operating systems. The updates cover iOS, iPadOS, macOS, watchOS and tvOS. A standalone update for Safari was released for older versions of macOS. One already exploited...
Read MoreI was asked if I could provide mote details on the following sentence from my diary entry...
Read MoreOccasionaly, Xavier and Jim will ask me specific students’ questions about my tools when...
Read MoreSynology NAS solutions are popular devices. They are also used in many organizations. Their product range goes from small boxes with two disks (I’m not sure they still sell a single-disk enclosure today) up to monsters, rackable...
Read MoreISPs have a history of intercepting DNS. Often, DNS interception is done as part of a “value...
Read MoreA friend was having unexpected results with DNS queries on a Windows machine. I told him to use...
Read MoreBefore diving into the vulnerability, a bit about the affected devices. LB-Link, the make of the devices affected by this vulnerability, produces various wireless equipment that is sometimes sold under different brands and...
Read More