Mimikatz integrated in the current Metasploit Framework is a little bit outdated. If you want to use the recent features (like plaintext RDP credential dumping), the Mimikatz Extension (called Kiwi) should be manually updated and compiled into the current framework. Here is how to do it. The Kiwi Extension The (in)famous Meterpreter shell…

I have read tons of articles about how does L3 multicast routing across subnets work, but none of them was complete for my scenario. Here is my solution. The Scenario I have two sites connected by (L3-routed) WireGuard VPN. If we want to browse a DLNA server (e.g. a NAS serving media…

The challenge “Baseline test” was a great reverse engineering challenge with hard difficulty at the Hungarian Cyber Security Challenge 2020 CTF Qualifiers hosted by the National Cyber-Security Center of Hungary on the platform Avatao Next. The challenge Points: 300 Difficulty: hard Answer some simple questions. Instructions The baseline test is an examination…

Installing an unsigned iOS app (what is the prerequisite of jailbreaking) using Linux with (semi-)legitimate tools. Consider the following situation: we have a factory-installed iOS device (iPhone 5S here) with a recent iOS version (12.4.8) and we want to jailbreak it. We have a Linux desktop (Arch Linux in the…

Recently I have lost an important phone number accidentally as a consequence of wiping the data partition of my Android device (due to an OS upgrade migrating from the official but unsupported LineageOS branch to my unofficial but up-to-date supported LineageOS builds). All of the data were backed up, but…