In Scope or Out of Scope?

In penetration testing, it’s important to have an accurate scope and even more important to stick to it. This can be simple when the scope is limited to a company’s internet service provider (ISP) or ARIN provided IP ranges. But in many cases, our client’s public systems have grown to include multiple cloud hosted servers,…

OpenSSH < 7.7 - Username Enumeration Exploit

On August 15th, 2018 a vulnerability was posted on the OSS-Security list. This post explained that OpenSSH (all versions prior to and including 7.7) is vulnerable to username enumeration by sending a malformed public key authentication request (SSH2_MSG_USERAUTH_REQUEST with type “publickey”) to the service. Read more at our #_shellntel blog.

Kraken Password Cracker

How to Build a 8 GPU Password Cracker

This build doesn’t require any “black magic” or hours of frustration like desktop components do. If you follow this blog and its parts list, you’ll have a working rig in 3 hours. These instructions should remove any anxiety of spending 5 figures and not knowing if you’ll bang your head for days. Read more at…

Luckystrike: An Evil Office Document Generator.

Luckystrike is a PowerShell based generator of malicious .xls documents (soon to be .doc). All your payloads are saved into a database for easy retrieval & embedding into a new or existing document. Luckystrike provides you several infection methods designed to get your payloads to execute without tripping AV. Read more at our #_shellntel blog.