Saw something on twitter today about using the old standby program, iexpress.exe, which is still available in Win10, you can package your powershell scripts inside an executable. You can use it to run malicious powershell scripts etc…
SO I was thinking of some fun things to do with it, getting reverse shells, dumping passwords with mimikatz, compiling .cs files etc to evade AV and whitelisting. It’s fairly simple to do ,here’s an example of a powershell reverse shell: Continue reading
Contact Me
- Certifications:
Websites:
InfoSec Wiki
Whats My Pass?
Track Somebody
october27th group
BHAF Security
illmob Social Media
Categories
-
Recent Posts
RSS Blogroll
- Russian-Speaking APT Engaged in G20 Themed Attack
- 50% of Ex-Employees Can Still Access Corporate Apps
- Vendor Exposes Backup of Chicago Voter Roll via AWS Bucket
- ShieldFS Hits 'Rewind' on Ransomware
- 14 Social Media-Savvy CISOs to Follow on Twitter
- It’s Not Exactly Open Season on the iOS Secure Enclave
- Threatpost News Wrap, August 18, 2017
- Hacker Publishes iOS Secure Enclave Firmware Decryption Key
- EternalBlue analysis
- MS17-010 update
Archives
Skype
Email
Keybase.io