Channel: Encryption – Didier Stevens
Browsing all 78 articles

Update: Stoned Bitcoin

kurt wismer pointed me to this post on pastebin after he read my Stoned Bitcoin blogpost. The author of this pastebin post works out a method to spam the Bitcoin blockchain to cause anti-virus (false)...

Stoned Bitcoin: My Analysis Tools

The most interesting thing about Stoned Bitcoin for me, was to work out a method to find these Bitcoin transactions. When this was mentioned on Twitter, I did a string search through the Bitcoin...

A Return: The Puzzle

It’s been some time since I posted a puzzle. So here is a new little puzzle. What is special about this file?

Update: Calculating a SSH Fingerprint From a (Cisco) Public Key

I think there’s more interest in my program to calculate the SSH fingerprint for Cisco IOS since Snowden started with his revelations. I fixed a bug with 2048 bit (and more) keys....

Howto: Make Your Own Cert With OpenSSL on Windows

Some people following my “Howto: Make Your Own Cert With OpenSSL” do this on Windows and some of them encounter problems. So this post shows the procedure on Windows. For your info: I also have a video...

PDF Password Cracking With John The Ripper

I have a video showing how to use oclHashcat to crack PDF passwords, but I was also asked how to do this with John The Ripper on Windows. It’s not difficult. Download the latest jumbo edition...

Authenticode And Timestamping And sha256

I have a couple of how-to posts on digital signatures, like this code signing post. Let me revisit this topic now that Microsoft announced some upcoming changes to code signing. I use signtool.exe that...

SHA256 Code Signing and Microsoft

In a couple of days Windows will no longer trust sha-1 code-signing. It happened in the past that Microsoft announced changes to AuthentiCode, and then did not follow through, but it looks like this one...

XOR Known-Plaintext Attack

To celebrate my Microsoft MVP award 2016, I’m releasing a new XOR-tool. Because you can never have enough XOR-tools in your toolbox :-). When data is XOR-encrypted with a repeating key and you know...

Update: xor-kpa.py Version 0.0.2

I added support for ZIP files to xor-kpa.py. If you pass a ZIP file to xor-kpa, it will analyze the contained file. The ZIP file can be password protected (password infected). xor-kpa_V0_0_2.zip...

Practice ntds.dit File Part 5: Password Cracking With hashcat – LM NTLM

When you have LM and NTLM hashes, you can first crack the LM hashes and then use the recovered passwords to crack the NTLM hashes. File hashcat-mask-lm.pot contains the passwords we recovered from...

Practice ntds.dit File Part 6: Password Cracking With John the Ripper – Wordlist

After password cracking examples with hashcat, I want to show you how to crack passwords with John the Ripper (remember we also produced hashes for John the Ripper: lm.john.out and nt.john.out). First...

Practice ntds.dit File Part 7: Password Cracking With John the Ripper –...

Brute-force cracking with John the Ripper is done with incremental mode. Incremental mode is not just trying out the full key space, it follows an order based on trigraph frequencies to recover...

Practice ntds.dit File Part 8: Password Cracking With John the Ripper – LM NTLM

Using passwords recovered from LM hashes to crack NTLM hashes is easier with John the Ripper, because it comes with a rule (NT) to toggle all letter combinations:...

Practice ntds.dit File Overview

I published a sample Active Directory database file (ntds.dit) to practise hash extraction and password cracking. And I published several how-to blog posts. Here is an overview: Practice ntds.dit File...

Video: ntds.dit: Extract Hashes With secretsdump.py

In this video I show an alternative to my blogpost on extracting hashes from the Active Directory database file ntds.dit. I use secretsdump.py from Core Security’s impacket Python modules. The...

Howto CreateCertGUI: Create Your Own Certificate On Windows (OpenSSL Library)

I created a program with a graphical user interface to create a simple certificate. This program uses the OpenSSL library. Extract the program from the zip file (below) and run it: You don’t have to...

mimikatz: Golden Ticket + DCSync

This blog post aims to provide a bit more information about what Benjamin Delpy wrote in this tweet: For this demo I run mimikatz as a least privilege, local user on a Windows workstation that is a...

Video: mimikatz: Golden Ticket + DCSync

I also have a video for my mimikatz: Golden Ticket + DCSync blog post.

Update: xor-kpa.py Version 0.0.3 With Man Page

This new version has a man page now (option -m): Usage: xor-kpa.py [options] filename-plaintext [filename-ciphertext] XOR known-plaintext attack Predefined plaintext: dos: This program cannot be run in...
