When permission goes wild

September 26, 2016 Daniele

WordPress Penetration Test

Today a friend of mine told me:

I don't know how it is possible, i've a fully patched wordpress site without a particular or malicious plugin, but someone keep hacking me over and over!

Since he's a friend of mine I told him to let me take a look, so i'll try to figure out what goes wrong with the server setup! He was happy enough to find the root cause of so many breaches so he gave me access to their test server with a limited account and a php shell (Take in mind php was chrooted!).

Windows privilege escalation made easy

September 26, 2016 Daniele

Privileges

User's privileges are a daily challange in today's hack, sometime when a malicious user break into your system he tries also to escalate their permission till Administrator account. There are many ways to do it, some are really hard to perform such as 0day, others are pretty trivial such as misconfigurations, weak permissions, elevated process, pipelines and more. Perform all those task on a system with many packeges installed would be a really pain in the ass, here's where my script come in help!.