Category Archives: Windows
Weaponizing AMSI bypass with PowerShell
Introduction: The Windows Antimalware Scan Interface (AMSI) is a versatile interface standard that allows applications and services to integrate with any antimalware product that’s present on a machine. You can find more information on it here: https://docs.microsoft.com/en-us/windows/win32/amsi/antimalware-scan-interface-portal. A while ago … Continue reading
Posted in Researching, Windows, Write-Up
Tagged amsi, bypass, exploitation, hacking, Powershell, security
Pingsweep with Windows CLI
I just happened to find myself needing to perform a ping sweep of the local /24 network under Windows without installing any additional software or tools. It turns out you can do that quite easily from the command line:
for /L %i in (1,1,255) do @ping -w 100 -n 1 123.123.123.%i | find "Reply"
Posted in Windows
Creating dummy files in Windows
If you want to create dummy files in Windows, you can simply create them by using fsutil:
fsutil file createnew <filename> <length in bytes>
So in order to create a bulk file which is 1 GB in size you can go with:
fsutil file createnew c:\foo.bar 1073741824
Posted in Windows
Parsing a line based hosts file to Firefox under Windows
I just needed to parse a line-based file containing hosts and open those hosts with Firefox under Windows in multiple tabs. Here is what I did:
for /f %%a in (file.txt) do (
    start "" "%ProgramFiles%\Mozilla Firefox\firefox.exe" %%a > nul
)
If you want to slow things down and the sleep command is … Continue reading
Posted in Windows
Enhanced security controls for Internet Explorer on Windows servers
Due to enforced security controls, you will often find yourself unable to access any website while running Internet Explorer on a Windows server. This is caused by the Enhanced Security Configuration (ESC). You can manually disable it by jumping … Continue reading
Posted in Windows
Dumping of installed programs and services within Windows
I use the following snippets to dump installed programs and services on Windows machines via WMIC (Windows Management Instrumentation Command-line):
C:\Users\MyUser> wmic
wmic:root\cli>/output:C:\tmp\InstallList.txt product get name,version
wmic:root\cli>/output:C:\tmp\ServiceList.txt service
The output can be processed as CSV.
Posted in Windows