Liam
625 posts

@OneLogicalMyth
Experienced sysadmin now cyber security consultant, pen tester & ethical hacker. Keen scripter especially in PowerShell and Python. Tweets are my own.
UK · Joined October 2011
262 Following · 424 Followers
Liam retweeted

Summer holidays? No, design the sponsor packs! Ok!! Drop us a DM, if you want to be on the list to see the packs first! #sponsorrrrrrrrrrrr
Liam retweeted

Eek, we've sold out of our early bird tickets for this year's conference! 🐤❌
We're running with a reduced upper capacity this year, so make sure you grab yourself a ticket! 🏃♀️🏃♂️
Speaker pages will start being published this Sunday.
conference.techexeter.uk


@RichBartlett @NCCGroupInfosec Glad you enjoyed it. Thanks for attending.

Don't forget badly configured permissions can sometimes allow read access to LAPS passwords. Updated my HTA shell to enumerate this for you.
github.com/nccgroup/OneLo…


@PyroTek3 Compounded by software vendors assigning 'Domain Admins' as the administrators of the application. Ideally a new group should be created instead, so many applications just add in domain admins as the administrative group. They're for the domain not applications...

Here's the really crazy thing:
NO service account should be in Domain Admins in 2021.
Take a journey with me in this Thread to see why...
Sean Metcalf @PyroTek3
Your occasional reminder that the following do not require AD admin (DA, etc) rights: * Cisco * Exchange * LDAP Bind * SQL * VMWare (& related) * Accounts need local admin on workstations (use Workstation Admins) * Accounts need local admin on servers (use Server Admins)
Liam retweeted

Software is used in Radar systems open to unauthenticated remote compromise in 2021. Our long tail of technical security debt is very real..
NCC Group Research & Technology @NCCGroupInfosec
Technical Advisory: Sunhillo SureLine Unauthenticated OS Command Injection (CVE-2021-36380) - Sunhillo is an industry leader in surveillance data distribution and this can result in remote compromise - by Liam Glanfield - research.nccgroup.com/2021/07/26/tec…
Liam retweeted

Technical Advisory: Sunhillo SureLine Unauthenticated OS Command Injection (CVE-2021-36380) - Sunhillo is an industry leader in surveillance data distribution and this can result in remote compromise - by Liam Glanfield - research.nccgroup.com/2021/07/26/tec…


@Greg_Dickinson @easyJet do you have any comment on this? Due to fly tomorrow. What have you been told?

@Greg_Dickinson Is this from the government? I see no official advice and due to fly tomorrow. Flights not cancelled either.

The Canary Islands have been removed from the UK's travel corridors list.
Terrible news for holidaymakers and terrible news for travel firms, clinging on for dear life.
Has your holiday been affected? We want to hear from you. #journorequest greg.dickinson@telegraph.co.uk.


. @forwardmx_io is this actually you?!?!
I'm amazed at your email that I woke up to this morning. Furthermore the reset password link is actually an analytics link.


@ZephrFish It's a bit old but still functional with some tweaks if you want a local lab. Edit the XML files to how you want it structured etc. It was built for 2012 R2 at the time but in theory should work for 2016 I think...
github.com/OneLogicalMyth…
Liam retweeted

Have published RedacTerm in case others find it useful. Allows you to edit terminal output ready for screenshots - highlight key areas and redact sensitive info.
github.com/bao7uo/redacte…

Found some old code. During lockdown you might be wanting to dust off some old hard disks and sort those photos. Thought I would share my script. Uses a checksum to validate the copy or if it's a duplicate.
github.com/OneLogicalMyth…
Liam retweeted

Tomorrow's planned @DC441392 is still going ahead, albeit virtually via Zoom (and yeah, I know not everyone likes zoom). The meet is not being recorded, and has been secured. If anyone in my normal circle would like to hang out with us infosec types from 7pm, HMU for an invite
Liam retweeted

Something both Andrew & I feel strongly about is paying things forward. So if you are a business who has implemented work from home and a bit concerned about the potential security risks, Fidus will complete a FREE VPN Security review. linkedin.com/posts/kurtisab…

Updated my HTA shell to support displaying file permissions. Hyperlink added to schedule tasks and file browsing to make it easy.
Also uploading and downloading files via HTTP. Saves having to use other tools that might be blocked.
@NCCGroupInfosec
github.com/nccgroup/OneLo…
Liam retweeted

📚 tl;dr sec #12
* SameSite ☠️ CSRF
* @MITREattack Cloud Matrix
* @owasp Global AppSec Amsterdam vids posted
* HTA shell for breakout assignments by @OneLogicalMyth
* r/websecurityresearch from @PortSwigger
* @trailofbits Fall Update
and more!
programanalys.is/blog/tldr-sec-…

