This is going to be short and sweet. If you’re trying to do the “Update and Restart” option on Windows 10, via the command line, it appears that you can run the command “MUSNotification.exe Reboot” and it will trigger the install/reboot. This is useful for forcing the update to, say, Windows 10 22H2 from a […]
Force Update & Restart on Windows 10 via CLI Read More »
After 2 years of waiting, I finally received the Flipper Zero (F0) I backed via Kickstarter. The F0 is also known as “the tamogatchi for hackers”. I spent some time getting to know the device and noticed that one thing missing was the ability to scan and tx/rx Bluetooth Low-Energy (BLE) traffic for testing. The
Debugging Flipper Zero Firmware with ST-Link v2 Read More »
Before anyone comments about this being a bad idea, let it be known that I’m not responsible for any trouble you may get in for doing this. I’m part of the hacking team at my organization, so this is the type of thing I’m supposed to be doing, but unless you are too, I’d probably
iOS 13 MDM/DEP Bypass (using Checkra1n jailbreak) Read More »
While on a recent penetration test, I discovered a digital signage system made by Tightrope Media Systems (TRMS). The client was using this software on an appliance provided by TRMS which was essentially an x86 Windows 10 PC. I was able to gain access into the web-interface of this system due to an unchanged default
Vulnerabilities in Tightrope Media Systems Carousel <=7.0.4.104 (and likely newer) Read More »
Several weeks back, I decided to re-explore the concept of hardware devices for storing GPG keys. The Yubikey Neo, 4, and 5 all have this functionality (with varying key-length options depending on the model), but these devices are not inexpensive ($40+, though Wired magazine has been running a deal for the past several months where
Converting a Cheap ($2) ST-Link v2 Clone into a Hardware GPG Key Read More »
When trying to enable scheduled jobs via cron on VMware VCSA 6.5 I kept seeing the errors below, and my job would not run. 2017-04-19T09:56:01.996673-04:00 VCSA crond[104661]: PAM _pam_load_conf_file: unable to open config for password-auth 2017-04-19T09:56:01.996797-04:00 VCSA crond[104661]: PAM _pam_load_conf_file: unable to open config for password-auth 2017-04-19T09:56:01.996907-04:00 VCSA crond[104661]: PAM _pam_load_conf_file: unable to open config for
Fix for Cron Failing on VMware vCenter Server Appliance (VCSA) 6.5 Read More »
We had an issue at work where VPN users are having intermittent difficulty reaching servers due to a subnet conflict, ie the VPN network is 192.168.1.X, and so is the LAN they’re connecting from. It displayed itself in a strange way: application connections would fail repeated attempts, but after pinging the servers in question the
Solution for Subnet Conflict Between VPN and LAN Read More »
Today I’ll demonstrate how to install the Nginx webserver/reverse proxy, with the ModSecurity web application firewall, configured as a reverse SSL proxy, on CentOS 7. This is useful in scenarios where you are terminating incoming SSL traffic at a centralized location and are interested in implementing a web application firewall to protect the web servers
Nginx (Reverse SSL Proxy) with ModSecurity (Web App Firewall) on CentOS 7 (Part 1) Read More »
I wrote a Python script today to mass-mail files to our clients. Our wonderful ERP system screwed up again, leaving us with PDFs of the information we needed to send out, the filenames being prefixed with a unique ID per-recipient. Rather than re-generate all documents and have them sent out properly (which likely wouldn’t have
Python – Mass-Mail w/ Attachment Read More »
TL;DR – Disable IPv6 for the network adapter I moonlight as the CIO of a startup owned by some friends in my spare time and decided last year that the best solution for a new business that didn’t want to invest any capital in computer hardware was cloud computing. Their needs were fairly basic –
Office 365 Outlook Configuration Problem Read More »