Posts

Showing posts from December, 2015

Testing Joomla for CVE-2015-8562

Over the last couple of days I've been responding to question about Joomla's 0-day which has been gaining some attention lately. I decided to write a PowerShell script to check a Joomla server if it is running the at least 3.4.6 or 3.4.7. Hope you enjoy it and let me know your thoughts. ############################################################################################### # # Script: CheckJoomla.ps1 # By: Tim Muniz # Date: 20151222 # ############################################################################################### <# .SYNOPSIS This script checks Joomla Version to check if the remote host is vulnerable to CVE-2015-8562. .DESCRIPTION This script checks Joomla Version to check if the remote host is vulnerable to CVE-2015-8562. .PARAMETER target a host running Joomla to test. .PARAMETER Https To test a host running SSL/TLS.  This is an optional parameter. .EXAMPLE Check remote Joomla ...

Moving On

In the next couple of weeks I will be moving onto a position with Cisco Talos as a Research Engineer. I'm very excited about the move and the chance to work with an awesome group of people. I can't wait to get started and the move has rekindled the love I once had for staying up late to learn some new techniques. So here is a script I created to grab useful IR info from a Windows box with PowerShell. I guess you could also use it to grab info while doing pentests as well. It's very generic and crude as I'm just starting to get into PowerShell. # # Name: Win_IR.ps1 # Desc: Powershell script for gathering useful information for # performing IR on a Windows Host # # by: Tim Muniz # Date: 20151221 get-date -format s whoami hostname #Get Boot Time systeminfo | select-string -pattern 'System Boot Time.*' #Get Running Processes Get-Process | Format-Table #Get Registry Keys Get-ItemProperty -Path "HKLM:\Software\Microsoft\Windows\CurrentVersi...