Vulnerability
TriOp update - version 1.1
· ☕ 2 min read
I've published version 1.1 of TriOp today. I've added CVEs for the recent Exchange vulnerabilities to the vulnerability search list, since Shodan is now capable of detecting systems affected by them. In response to a request from the CSIRT community, I've also added the option to use an arbitrary filter along with a list of parameters...

Most common vulnerabilities based on Shodan scans
· ☕ 3 min read
My recent post on the Internet Storm Center website about the surprisingly high number of systems still affected by critical vulnerabilities, which have been patched for a long time, received quite positive feedback. I have consequently decided to take a look at the issue in a more comprehensive manner, and since I didn't know which vulnerabilities Shodan was able to detect, I've used my TriOp tool to gather data for all of the approximately 190k CVEs ever published. After the couple of days the script took to run, I have the results and they are quite interesting…

SANS ISC Diary - Crashing explorer.exe with(out) a click
· ☕ 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles self-referential links, which makes it possible to use specially crafted URL and LNK files to crash Explorer.

CrisisCon - Breaking Windows
· ☕ 1 min read
Videos of all presentations from last week's CrisisCon are now accessible on YouTube. Among them is my own talk on known unpatched vulnerabilities and weaknesses in Windows. If you couldn't make it to the online conference, I recommend you at least go through some of the recordings, as a couple of the talks were quite interesting.

SANS ISC Diary - Desktop.ini as a post-exploitation tool
· ☕ 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles desktop.ini files, which makes it possible to use them as an interesting post-exploitation tool.