Penetration testing Sharepoint
Like any normal web application, SharePoint may fall prey to OWASP Top 10 vulnerabilities with a special focus on XSS, mostly due to inadequate patching and misconfiguration. In this post, we focus on recon / what SharePoint is exposing. Google Dorks FTW!: Some Google dorks to help you find SharePoint installations exposed to the web…
Author Archives: Alfie
Word Heist!
So, I stumbled upon an interesting script. Over the years, I have been using various tools and scripts to do spear phishing; with the many vulnerabilities in Microsoft Office Suite and Adobe PDF reader being enablers and the ability to embed macros being an even bigger enabler. But things have changed and users are now keen…
Do you know what your ERP is telling us?
Interesting engagement I had a few weeks ago, a client wanted assurance on their ERP – Oracle E-Business suite, to be specific. I spent a few weeks just to formulate an efficient strategy and be able to cover most controls from an insider threat perspective and an external authenticated attacker angle. For this post, I…
Lateral movement..Part II
Post coming up…
Should we be worried? Huawei router …Part II
This is a follow-up of this post… Good. Now we are at par. After getting the router config as in the earlier post, I got to comb through the router config. Interesting things, I tell you. One of the parameters, X_HW_MonitorCollector has a server URL of yjyx.gd.edatahome.com and a tftp port of 6169. As shown above,…
Auditing linux , unix OS..in 120 seconds flat
Well, most of us have seen the movie Gone in 60 seconds, so I decided to write a baseline script for auditing Linux and most Unix operating systems in well under 2 mins – averages about 130 seconds on my test CentOS and Red Hat distributions. The script is modeled around most of the operating system…
Huawei HG8245H router “privilege escalation”…Part I
This is a prequel to this post here. Well, I got to play around with my router a few weeks ago. My router, a Huawei HG8245H version, is pretty decent for home use. First things first, the login password is smack on the bottom of the router as below. Most routers have a well known default…
Lateral movement..Part I
Scenario: you are a normal user in your company’s domain. No admin privileges. Nothing. You can’t even install a program on your machine. What if I told you that you can be the local administrator on your machine and probably on MANY more in your organization? I am not able to count the number of…