Skip to main content

Posts

Cracking password hashes on the cheap: How to rent online GPU resources for Hashcat

  Summary  In this post I will talk about how to make password cracking accessible to people who don't want to make the investment in video cards and GPU hardware resources. This post will mostly be a tutorial, geared toward people who are in a pinch and need to quickly standup a powerful hashcat environment. The problem that led me down this path I was recently working on an issue that required me to recover the password of a zip file. The zip file was created programmatically by a utility; which I had to the source code for. This meant I had the character set used and a fixed password length. I decided to fire up hashcat on my Mac Book Pro with my AMD Radeon Pro 560X. To my surprise, I was greeted with the error below; Against the advice of the error message, I used the --force syntax to override the error. This yielded no usable results, it ended up making hashcat unstable and produced some false positives (I thought I had cracked the hash quickly). After trying the to borrow s
Recent posts

Bypassing Windows Defender Antivirus in Windows Server 2016/2019

Summary In this post I will discuss a  Windows Defender Antivirus  bypass I discovered and reported to Microsoft on May 26th 2020. The bypass affects the current versions of Windows Defender deployed with Windows Server 2016/2019, where the Web Server role is installed. This post focuses on the road I took to get to the bypass as well, so for the TL;DR go to " Bypassing Windows Defender Antivirus 2016 using automatic exclusions"  section. Setting the stage I recently worked on a penetration test for an asp.net application. The setup was pretty standard for a small asp.net application, it was deployed in amazon AWS with a web tier and database tier. The web tier, where the application lived was configured on a Windows 2016 server with the Web Server role installed. This asp.net application integrated with a much larger suite of applications deployed in the same amazon AWS environment (14 other windows servers).  Below i've generated some screenshots from some test systems