The latest news and research from the Nagarro Security team.

Find The CEO’s Email — in a cloud world

February 14, 2019 Péter Gombos
You’ve hacked it all, gotten domain admin, shelled every box that you can think of and ticked off all the objectives. But there’s a single one remaining: access to the CEO’s mailbox. Easy, you just jump to the CEO’s computer and get his password. Or crack the NT-hash you got from dcsyncing all the u... Read more...

Interactive Beginner's Guide to ROP

December 17, 2018 Vetle Økland
Return-oriented Programming (ROP) is a binary exploitation technique that leverages exisisting code in the binary in order to execute attacker code. To follow this post it might be useful to have at least a little understanding of x86 assembly. As most modern computers running on Intel chips... Read more...

SMB Named Pipe Pivoting in Meterpreter

October 29, 2018 Péter Gombos
A hidden feature of Metasploit, is the ability to add SMB Named Pipe listeners in a meterpreter session to pivot on an internal network. At least I think it’s hidden, as the only place I’ve found it documented is in the original pull request. While that pull request has all the details that you ne... Read more...

LM, NTLM, Net-NTLMv2, oh my!

February 20, 2018 Péter Gombos
When attacking AD, passwords are stored and sent in different ways, depending on both where you find it and the age of the domain. Most of these hashes are confusingly named, and both the hash name and the authentication protocol is named almost the same thing. It doesn’t help that every tool, post... Read more...

Panama Papers: Hackingen av Mossack Fonseca – hva bør vi bli minnet om når det gjelder sikkerhet?

July 20, 2016 Ryan Mattinson
Fra et cybersikkerhetsperspektiv er det ingenting overraskende i saken om Panama Papers, men den gir oss en viktig påminnelse om grunnleggende sikkerhetsprinsipper. Programvare vi er avhengig av har sårbarheter Én ting er sikkert: Det vil dukke opp nye sårbarheter i programvare vi er mest avheng... Read more...