Week 2 In Review – 2017

/, Site News, Week in Review/Week 2 In Review – 2017

Tools

  • Invoke-TheHash – github.com
    Invoke-TheHash contains PowerShell functions for performing NTLMv2 pass the hash WMI and SMB command execution. WMI and SMB services are accessed through .NET TCPClient connections. Local administrator privilege is not required client-side.
  • FiercePhish – github.com
    FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.

Techniques

  • PHPMailer/SwiftMailer/ZendFramework Video PoC Exploit – legalhackers.com
    The video below demonstrates how an attacker could potentially compromise a website (achieve remote code execution) by exploiting one of the vulnerabilities linked above in a web application (Contact Form) implemented with the use of: PHPMailer, Zend Framework (zend-mail) and SwiftMailer.

Other News

  • Unsecure routers, webcams prompt feds to sue D-Link – arstechnica.com
    The Federal Trade Commission on Thursday sued Taiwan-based D-link in federal court. The FTC alleges that D-link routers and webcams left “thousands of consumers at risk” to hacking attacks.

 

2017-03-12T17:39:09-07:00 January 8th, 2017|Security Tools, Site News, Week in Review|0 Comments

Related Posts

Leave A Comment

About Us

Infosec Events is dedicated to the growing information security industry. We strive to provide useful information and resources to those in the industry. Don't hesitate to contact us should you need anything.

Read more About Us

Support Us

Support this site via patreon.

Other Information