Home
Culbert Report
Cancel

HTB - Nest Writeup

    This was my first Hack The Box challenge and I've been waiting for so long to post this. It took a lot of work and a lot of trying to work through problems I created for myself, ...

MSHTA Files & Exploitations

What is it:Microsoft HTML Application Host and CHM files. The program is located at C:\Windows\SysWOW64An outdated relic on Windows machines used to host help documents.Microsoft has documented tha...

What Is Microsoft.Workflow.Compiler.exe And Why Should You Disable It

What is it?This is a built in function for C# in Microsoft Windows that essentially allows arbitrary unsigned code execution. It is part of the .NET framework and it works by combining a serialized...

Phishing Redirects Through Google URLs - Patched out as of 3/19/19

I came across an interesting attack recently when browsing any.run submissions.It was a PDF that had a hyper link in it to click.The link went to appengine.google.com - a pretty innocuous URL. Anyo...

Designing Stable C2 Architecture

C2 Architecture is one of the most important aspects of the APT world.Proper C2 architecture lets you subvert IDS, antivirus, and network analysts.It lets you exfiltrate data. It lets you move late...

Breaking Out Of Dell Wyse 30 Series ThinClients & How To Stop This

<div class="separator" style="clear: both; text-align: center;"></div><div class="separator" style="clear: both; text-align: center;"></div><div class="separator" style="...