TTPwire Vol. 1 · MITRE ATT&CK-Tagged


Black Hills InfoSec

Exploit Development – A Sincere Form of Flattery

Kassie Kimball · 2023-02-09 · Read original

ATT&CK techniques detected (4 predictions)

T1190 Exploit Public-Facing Application · 96%
"…was not made easier by the fact that I did not initially have access to directly experiment with the vulnerable system. Instead, I relied on a simple HTTP server running on a machine I controlled, just to get the conversation structure set up properly before running it live again…"

T1040 Network Sniffing · 93%
"…an idea that led us down the road to our eventual destination of having a working exploit. Monkey See (pcaps of Nessus): Dale was able to configure his vulnerability scanner to just run the specific plugin. He began a packet capture (pcap), ran the limited vulnerability scan, …"

T1068 Exploitation for Privilege Escalation · 75%
"With all of that out of the way — it's party time. Vulnerability Details: Let's start this adventure by looking at what Nessus has to say about this vulnerability. Nessus plugin ID 59642 details that the vulnerability allows privileged command execution through an unauthentica…"

T1190 Exploit Public-Facing Application · 74%
"…the else block shown below. The following screenshot shows the final sequence/acknowledgement number update function. After sending Dale the modified exploit, I logged off for the day to enjoy the rest of my Saturday. I woke up the next morning to an unexpected message from Da…"

Summary

moth // Recently, BHIS penetration tester Dale Hobbs was on an Internal Network Penetration Test and came across an RPC-based arbitrary command execution vulnerability in his vulnerability scan results. I […]

The post Exploit Development – A Sincere Form of Flattery appeared first on Black Hills Information Security, Inc.