[email protected]      0333 939 8080

Jumpsec Labs
Jumpsec Labs

JUMPSEC LABS

The JUMPSEC Lab is a place where the technical team get creative and showcase their latest security research, publications, interesting news and general thoughts!  We love what we do and are passionate about security, with some great upcoming projects planned, bookmark our site and stick around to see what we are working on.

Breaking into Libraries – DLL Hijacking

by Patryk Zajdel | Oct 24, 2024 | ,

Breaking into Libraries - DLL Hijacking Many of us have likely encountered DLL errors when trying to open Windows applications. If you were like my younger self, you might have naively downloaded a missing DLL from sites like dll-files.com and placed it in the application directory without giving it a second thought. This blog post will examine the risks associated with this approach. Dynamic Link Library (DLL) hijacking is a common occurrence that impacts Windows-based applications. This attack isn't new; Microsoft acknowledged it in an advisory back in 2010 (Dark Reading). It takes advantage of the way Windows loads DLL files, allowing malicious actors to inject harmful code into legitimate software processes. By manipulating the search order for DLL files, attackers can deceive an application into loading a malicious DLL, leading to unauthorised code execution, data theft, or even...

read more
Putting the C2 in C2loudflare

Putting the C2 in C2loudflare

tl;dr How to bring up an entire C2 infrastructure with all your tooling and their corresponding redirectors within 5 minutes with the help of Azure Snapshots, Cloudflare and Tmux...

read more
Bullet Proofing Your Email Gateway

Bullet Proofing Your Email Gateway

In this labs post, I will introduce you to modern security controls that are currently used (but not always correctly) by the vast majority of enterprises, and hopefully by the...

read more

Bypassing Antivirus with Golang – Gopher it!

by warden | Jun 20, 2019 | ,

In this blog post, we’re going to detail a cool little trick we came across on how to bypass most antivirus products to get a Metepreter reverse shell on a target host. This all started when we came across a Github repository written in Golang, which on execution could inject shellcode into running processes. By simply generating a payload with msfvenom we tested it and found that it was easily...

read more

Enhanced logging to detect common attacks on Active Directory– Part 1

by bugsbunny | Feb 6, 2019 | ,

In this blog post I am going to tackle the topic of detecting common attacks using Active Directory logs. It is important to understand the power of data in InfoSec world. Too much data means you’ll be spending rest of the week digging through millions of log entries to try and figure out what the adversary was up to. You can set filters to help you through this, however it can get...

read more

Short introduction to Network Forensics and Indicators of Compromise (IoC)

by | Jun 28, 2016 | , , , , ,

“Indicator of compromise (IOC) in computer forensics is an artifact observed on a network or in an operating system that with high confidence indicates a computer intrusion. Typical IOCs are virus signatures and IP addresses, MD5 hashes of malware files or URLs or domain names of botnet command and control servers. After IOCs have been identified in a process of incident response and computer...

read more

CVE 2015-7547 glibc getaddrinfo() DNS Vulnerability

by Ed Chan | Mar 7, 2016 | , ,

Hello w0rld! JUMPSEC researchers have spent some time on the glibc DNS vulnerability indexed as CVE 2015-7547 (It hasn’t got a cool name like GHOST unfortunately…). It appears to be a highly critical vulnerability and covers a large number of systems. It allows remote code execution by a stack-based overflow in the client side DNS resolver. In this post we would like to present our analysis....

read more

Research and Development

by | Jan 28, 2016 | , , ,

Hello w0rld. On this post we would like to let you know our areas of research and the research projects that we are working on currently. For 2016 we are planning to develop tools that will be used in our tests. Our areas of interest can be highlighted as: AntiVirus Detection and Evasion techniques (sandbox detection, etc) Packers, anti-debugging, anti-disassembly and binary obfuscation Network...

read more

Covert channels – (Mis)Using ICMP protocol for file transfers with scapy

by | Apr 24, 2015 |

Hello w0rld. In this post I will show how it is possible to (mis)use ICMP protocol for file transfers with scapy. “In computer security, a covert channel is a type of computer security attack that creates a capability to transfer information objects between processes that are not supposed to be allowed to communicate by the computer security policy.” Source: Wikipedia I have to give...

read more

Microsoft Onenote Image Caching Bug (Confidential Information Leakage)

by Observer | Mar 1, 2015 |

Bug Summary A security bug in the Microsoft Onenote allows images placed in user-created password-protected sections to be cached persistently in the user profile temporary directory folder: C:\Users\%username%\AppData\Local\Temp.  Analysing the content the temporary folder will reveal images that should be securely protected by Onenote.   Bug Scope This has only been tested with Microsoft...

read more

Ghost In The Shellcode 2015 CTF: Write-up for cloudfs challenge

by | Jan 19, 2015 |

Hello there, in this post I will describe how I solved the cloudfs challenge of Ghost In The Shellcode 2015. This challenge was under the Forensics category and was awarded 200 points (middle ground!). It wasn't so hard, and someone could argue that shouldn't award the same points with "the alpha molecular" or the similars from the crypto category but it's okay (it's very common actually in...

read more

GitHub Activity

 

Twitter

·
@
View on Twitter

Latest from JUMPSEC

Disclaimer

The information provided on this website is to be used for educational purposes only. The author is in no way responsible for any misuse of the information provided. Any actions and or activities related to the material contained within this website is solely your responsibility.

Jumpsec, Unit 3E – 3F, 33 – 34 Westpoint,
Warple Way, Acton
W3 0RG

To learn more about JUMPSEC's services please get in touch:

Give us a call: 0333 939 8080

Send us a message: [email protected]

To learn more about JUMPSEC'S services please get in touch:

Give us a call: 0333 939 8080

Send us a message: [email protected]

Jumpsec, Unit 3E – 3F, 33 – 34 Westpoint,
Warple Way, Acton, W3 0RG

© JUMPSEC 2020 | Privacy Policy
JUMPSEC Ltd. is a company registered in England and Wales. Registered Address: 1 Golden Court, Richmond, Surrey, TW9 1EU. Registration Number: 08327063