• Home
  • Resume
  • About
  • Contact
  • PGP Key
Blog Logo

Wylie Bayes

Geek things

OpenBSD Powershell Blog

Tag: Blog

Abusing Tenable Nessus / Security Center with Audit Files and Powershell. #Nessus #Infosec #ExploitDelivery #RBACBypass #InsiderThreat

27 Jul 2017 Powershell • Blog
Title: Abuse of Tenable Nessus/Security Center with Audit Files and Powershell. Class: Exploit Delivery System/RBAC Bypass/Insider Abuse/Pivot Vector. Signed PDF with Keybase PGP key Wylie's PGPKey Date Published: 2017-07-27 Last Update: 2017-06-22 Vendors contacted: Tenable Network Security - https://www.tenable.com 2016-12-05 - First notification sent by Wylie Bayes to Tenable Consultant Jack Daniel. 2016-12-07 - Acknowledgement of first notification received from Tenable team. 2017-01-04 - Sent follow up email for progress update to Tenable…
Continue Read

Quick and dirty #Powershell forward and reverse #whois.

28 Feb 2017 Blog • Powershell
Just a real quick way to do whois lookups on domains, and IP addresses, in Powershell. Forward lookup uses Webservicex.net, and reverse uses Arin.net. function whois($site) { #Syntax: whois google.com $web = New-WebServiceProxy ‘http://www.webservicex.net/whois.asmx?WSDL’ $web.GetWhoIs("$($site)") } function rwhois($ip){ #syntax: whois 8.8.8.8 $baseURL = 'http://whois.arin.net/rest' $url = "$baseUrl/ip/$ip" $r = Invoke-RestMethod $url $r.net } Cheers!…
Continue Read

Checking #Lastpass saved sites for #Cloudflare with #Powershell. #Cloudbleed #Infosec

24 Feb 2017 Blog • Powershell
So as everyone already knows there was a huge leak of data for months for websites who use Cloudflare services. To make my changing of passwords a bit easier, and more focused / targeted I put together a little setup to check all of my Lastpass saved sites for Cloudflare name servers. First I exported my Lastpass information to a .txt format from their website export feature. Then I used a quick and dirty parsing -replace feature of powershell to clean…
Continue Read

#VMWare Killing Stuck, or Hung tasks with #Powershell #PowerCLI

21 Feb 2017 Blog • Powershell
Recently I ran into an issue where a Powered Off VM was stuck in a vMotion host migration for over 3 days. I assume that the VM was powered off during the migration, which is what caused it to hang. Afterwards two backup job snapshot tasks were also in queue on top of the migration task. I spent about 10-15 minutes in the GUI trying to find how to kill or stop this task, unsuccessfully. The only option I could…
Continue Read

Adventures with Hyper-V, Information Security, Route Hijack, Exfiltration, and Compromise. #HyperV #Microsoft #Compromise #Exfiltration

20 Dec 2016 Blog
Microsoft has confirmed there is a mitigation already in place by going to settings for a VM go to Network Adapter -> Advanced Features -> DHCP Guard and enable it. "It is not disabled by default due to it being a performance impact"? I personally powershell to just disable DHCP on the interface. Like: "Set-NetIpInterface -ifindex 2 -Dhcp Disabled, where ifindex 2" where ifindex is the "Internal" vSwitch type. The goal of…
Continue Read

Fix windows unquoted service path enumeration vulnerabilities with #Powershell

20 Dec 2016 Powershell • Blog
Here is a function to fix windows unquoted service path enumeration vulnerabilities automatically with powershell! Cheers! function fix-servicepath { $hosts = get-content C:\Users\*****\Documents\WindowsPowershell\Servers.txt foreach ($box in $hosts) {     $services = $null     $services = get-wmiobject win32_service -computername $box     foreach ($service in $services){ $Displayname = $service.DisplayName        if (($service.PathName -like "* *") -and ($service.Pathname -notlike '"*"*') -and ($service.PathName -like '*.exe')) {         $box         $service.PathName         write-host "Changing Path to be quoted:"         $NewPath = $service.Pathname         $newservicepath…
Continue Read

HP OA, Netapp, and Vmware environment monitoring with #Powershell

20 Dec 2016 Powershell • Blog
Here is a custom script I made to check HP Onboard Administrators, Netapp Controllers, and vCenter servers for health issues in Powershell. Cheers! This relies on a few things first: VMWare PowerCLI 5.5+ Netapp DataOnTap 4.0 modules HP OA Powershell Cmdlets to function properly. If you want to capture VM Snapshot alarms you must create an alarm in your vCenters called “VMSnapshot Running” . I personally set mine to if the snapshot is 2GB or larger, trigger the alarm.…
Continue Read

Disable DHCP on Hyper-V created vSwitch Host NICS. #hyperV #dhcp #hosthijack

20 Dec 2016 Powershell • Blog
So playing with Hyper-V the past few weeks quite a bit and noticed that when creating a vSwitch, no matter if External and bridged to a real NIC on the host or not, it will create a NIC on the Windows host machine correlating to the vSwitch in Hyper-v. If you create a virtual machine, and attach it to the vSwitch, and this virtual machine is running a DHCP server, your HOST NIC for that vSwitch will pull a DHCP…
Continue Read

VPN Bonding: Pushing through the challenges!

20 Dec 2016 Blog
New Foundations #1 – VPN Bonding – Pushing through the challenges. by Wylie Bayes VPN Bonding Hey everyone! Wylie is back in action and this topic is all about VPN bonding and the challenges you can face when coming up with a solution that is right for your organization. I know many organizations are still utilizing private leased lines from phone companies such as Century Link. These private lines can cost a place a fortune, especially with multiple locations involved. Not to…
Continue Read

Network Wide Transparent Proxying with #OpenBSD #Proxy #webfiltering

20 Dec 2016 Blog • OpenBSD
Network Wide Transparent Proxying By: Wylie Bayes & Brandon Folchi The purpose of this article is to guide anyone who is interested in setting up their own transparent proxy capable of filtering outbound web-browsing of all devices on a network. While researching options to accomplish this we came across a program called DansGuardian. DansGuardian is an open source web content filter that runs on multiple ‘Unix like’ platforms. The concept behind this application is to truly filter the content the…
Continue Read
Page 1 of 2 Older Posts →
All content copyright Wylie Bayes © 2021 • All rights reserved.
Theme By GTheme