Active Directory Takeover via CVE-2021-42287 & CVE-2021-42278
A new year and a yet another way to take over Microsoft Active Directory. Back in November…
Setting up a Log4Shell Lab CVE-2021-44228
A recently discovered vulnerability in the popular java logging tool Apache Log4j has been made public and…
Troubleshooting SIP/2.0 488 Not Acceptable Media
Last week I had an interesting issue with one of our SIP Voice circuits. Calls to a…
VMware VCenter CVE-2021-22005 File Upload Vulnerability PoC
Say what now? Another one! VMware announced last week in its monthly security advisory VMSA-2021-0020.1 there is…
Poor Performance of Microsoft Access to SQL Server over a WAN Link
It’s been a while since I’ve had to troubleshoot application performance over a latent WAN connection. So…
AD CS ‘PetitPotam’ Relay Attack Using Mimikatz and ntlmrelayx
Hot on the heels of PrintNightmare, there is yet another way to take over Active Directory. Petit…
PrintNightmare Privilege Escalation CVE-2021-1675 PoC
OK so this one is doing the rounds on Twitter. A couple of researchers accidently released their…
VMware VCenter Server Remote Code Execution CVE-2021-21985 PoC
VMware first announced on the 25th of May a remote code execution vulnerability in VCenter server’s VSAN…
Create A Custom Call Variable Layout for UCCX Finesse Desktop
Continuing on with yet more Voice, I recently cutover to a new UCCX 12.5 cluster. As part…