Wylie Bayes

Wylie Bayes

Powershell

Abusing Tenable Nessus / Security Center with Audit Files and Powershell. #Nessus #Infosec #ExploitDelivery #RBACBypass #InsiderThreat

Title: Abuse of Tenable Nessus/Security Center with Audit Files and Powershell. Class: Exploit Delivery System/RBAC Bypass/Insider Abuse/Pivot Vector. Signed PDF with Keybase PGP key Wylie's PGPKey Date Published: 2017-07-27 Last Update: 2017-06-22 Vendors contacted: Tenable Network Security - https://www.tenable.com * 2016-12-05 -
5 min read
Powershell

Fix windows unquoted service path enumeration vulnerabilities with #Powershell

Here is a function to fix windows unquoted service path enumeration vulnerabilities automatically with powershell! Cheers! function fix-servicepath { $hosts = get-content C:\Users\*****\Documents\WindowsPowershell\Servers.txt foreach ($box in $hosts) {     $services = $null     $services = get-wmiobject win32_service -computername $box     foreach ($service in $services){ $Displayname = $service.DisplayName        if (($service.PathName -like "