Yearly Archives: 2015

Generating a useful file listing using PowerShell

When trying to figure out what happened on a machine during a specific time-frame, a sorted file listing is quite useful. There are several ways of going about it when creating one, and as requested, here’s the way I do

Posted in General

How to enable PreFetch in Windows Server

Yesterday I held a presentation on forensics and incident response at the TrueSec Security Summit. One of the major challenges when responding to a breach is figuring out exactly what an attacker has done on a machine. Did they dump

Posted in General

Speaking at Security Summit in Stockholm

My colleagues at TrueSec and I are inviting you to a dedicated Security Summit on the 24th of November 2015 at Hotel Rival in Stockholm. A conference day full of practical and eye-opening demos. We will teach you all about the

Posted in Hacking

How to develop more secure software

My colleagues and I are inviting you to a conference day full of practical and eye-opening sessions aiming to make you develop more secure code. For the second year, TrueSec invites you to a dedicated security day at Øredev. Our security experts

Posted in General

Exploiting rootpipe again

Background and acknowledgement: This full disclosure is based on my discovery of a privilege escalation vulnerability in Apple OS X called rootpipe. Read my full disclosure on rootpipe here for some background info. Big thanks to Patrick Wardle who inspired

Posted in General

Pawn storm – Oldest tricks in the book and we’re still falling for them

Unless you are well-versed in the world of IT-security you might not know what Pawn Storm refers to, or you might think it is a chess tactic. Pawn Storm is an espionage operation started by an unknown group of individuals

Posted in General, Hacking

Keep your Windows servers patched

Unlike Heartbleed and Shellshock, this vulnerability hasn’t gotten much attention. And so far it “only” results in a denial of service by crashing unpatched servers. The new vulnerability found (and patched) in HTTP.sys in Windows is super simple to exploit

Posted in Hacking

OS X 10.10.3 still vulnerable

I just wanted to notify our readers interested in OS X security about a new finding that Patrick Wardle has made. He stated in his blog that he’s able to exploit rootpipe on a fully patched OS X 10.10.3! If

Posted in Hacking

Hidden backdoor API to root privileges in Apple OS X

TL;DR The Admin framework in Apple OS X contains a hidden backdoor API to root privileges. It’s been there for several years (at least since 2011), I found it in October 2014 and it can be exploited to escalate privileges

Posted in Hacking

JellyShelly – Hiding code in ImageJpeg processed images

I wrote this article for my own blog as well as a TrueSec newsletter some time ago. Now that we have a dev blog I thought it would be a good idea to republish this article with some new content.

Posted in Hacking