Recently I needed to parse some data embedded in HTML. At first glance it appeared to be JSON, so after pulling the text out of…| GrimBlog
Believe it or not, despite the fact it is 2016 I am still finding LanManager (LM) hashes on internal networks during penetration tests. Although in my experience it is becoming more frequent that L…| GrimBlog
A recent zero-day vulnerability has been publicly shared revealing a critical issue with the nginx-ldap-auth software package allowing attackers to potentially bypass authentication and disclose ke…| GrimBlog
Some time ago I encountered an error in my Python code interacting with a PostgreSQL database: psycopg2.ProgrammingError: can’t adapt type ‘method’ The above exception was the dir…| GrimBlog
Some time ago I came across a site that was using xdLocalStorage after I had been looking into the security of HTML5 postMessage. I found that the library had several common security flaws around l…| GrimBlog
Python script to parse directory and file names from a .DS_Store file.| GrimBlog
TLDR: Domain Users permitted to authenticate to Microsoft SQL databases can use the limited privileges they are granted to run a stored procedure. The stored procedure can be used to send the datab…| GrimBlog
As you would expect, office printers are often identified when conducting a penetration test of an office network. These devices often seem to be overlooked as there are usually more interesting an…| GrimBlog
John the Ripper is an excellent password cracking tool that I regularly use during penetration tests to recover plaintext passwords from multiple hash formats. I recently started building a new ded…| GrimBlog
TLDR: There is a simple username enumeration issue in Office365’s ActiveSync. Microsoft do not consider this a vulnerability, so I don’t expect they will fix it. I have written a script …| GrimBlog