Skip to main content


Automated firewall manager for multiple windows devices

Code can be found here . For the upcoming CCDC regionals, I'll need to manage multiple different windows machines and servers. In the state competition, I had made a simple script that created some basic firewall rules mostly targetting Active Directory services. I then applied these to both the Windows server 2012 DC and the Windows server 2016 Hyper-V/Docker machine. The rules worked fine for both, especially considering that I decided to 'reduce my threat surface' by removing the net adapters from the Docker box. However, for regionals, I'll be managing multiple Active Directories, Exchange servers, and Docker at the very least.  Having a rigid script that applies the same firewall rules to every box won't work as well as it did in state, and creating a new script for each machine is too time-consuming. So I decided to create something that could detect what services and roles were installed on a given machine and then install the necessary firewall rules based o
Recent posts

Using Zerologon to exploit and dump credentials from a Windows 2012 AD server

EDIT: Related video made for a class The CCDC qualifiers are over now, and my team got 1st! That being said, towards the end of the day, we noticed a lot of suspicious traffic coming to the AD box. While I couldn't figure it out during the competition, it turns out that the red team had been using the zerologon exploit . After we got back, I wanted to learn the ins and outs of this exploit in order to prevent myself from getting hit with it again at the next competition. Turns out, it's relatively easy to set up and execute using Impacket and Risksense' zerologon script.   For the testing environment, I have a Windows lab consisting of a 2012 AD, 2019 Email server, 2016 Docker/Hyper-V box, and Windows 10 and 7 machines. This setup is for CCDC prep and is designed to mirror the environments and machines used in the competition. I also have a kali box running on the same network as the Windows machines. This is what staged the attacks on the 2012 AD server.   To begin with,

Port Scanner in C (and some updates)

 It's been a while since I last updated this blog. School and CCDC have really been eating at my time. Contrary to the earlier style of the blog, I plan on keeping things more informal and casual. I'm transitioning this into more of an archival type of thing. A place to keep track of my notes and projects, as well as a place to document my thoughts at the time. Posts will be infrequent and likely quite random. For this post, I'm going to write about a little port scanner I wrote for an entry-level C course. As a little background, the only experience I have with C comes from C++ in a high school course some 7 years ago. So I was fairly excited to start this class and dig in a bit deeper.  The Project For our final project, we needed to create a program and present on it. I wanted to combine what I was doing in my networking class and my C class, so I went with something I thought would be simple enough. A port scanner.  Turns out, writing a port scanner when the most advanc

Using PGPy to encrypt and decrypt files and messages

 PGPy is a library for python that enables the creation, storage, and encryption/decryption of PGP keys and files in python. Recently, in a small project to reacquaint myself with python, I used PGPy for key generation and encryption and decryption. That project can be found in my github at . The goal of the project was to use command-line switches to control the program, and to provide basic encryption and decryption capabilities, along with rot13 and base64 encoding.  First, to load in a key use key, _ = pgpy.PGPKey.from_file(keyfilename) . This loads the key from either a binary or ASCII armored file. You can swap out .from_file for .from_blob , if you plan on using a key stored in a string or bytes object rather than a file. In my example code, I pull the key from a file, as I found it to be the simpler method.  Next, you'll need to open a file or create a string or bytes object that contains the message you wish to encrypt. We'll call this file

Installing the Ubertooth on the Mac mini M1

 For my video project, one of the demonstrations included using an Ubertooth One to scan for Bluetooth and BLE packets. This blog post will cover the installation of the Ubertooth One on the Mac mini M1. The official install guide for Mac devices didn't work very well for me, and I had to install some extra tools in order to get it to work. The examples assume you are using Python 3, and have homebrew installed.  To begin, follow the instructions found here: . Additionally, you may find that you need to install pytq5, numpy, and qtpy. To do this, simply run   Python3 pip install pyqt5, numpy, qtpy . This will install the required libraries needed to run the Ubertooth tools. There are multiple ways to install pip on an OS X device, and I suggest following any of the methods here . Next, you will need to update the firmware of the device. When downloading the tools, a firmware directory should also have been created. W

Malware analysis series by John Hammond

John Hammond, a YouTuber and Cybersecurity researcher, has a series on Youtube where he analyses malware artifacts and discerns their purpose and method of attack. For most of these, he gets access to known malware files, and then blindly goes through them, de-obfuscating and cleaning them up, in order to present a readable version that can be analyzed. I personally find these videos very exciting and entertaining, as well as incredibly educating. He also has several other series and interesting videos on his channel that I highly recommend for anyone interested in software security and other general security topics.  Link:

Clubhouse App phone number leak

 Recently, on a certain site, a database was posted for sale featuring 3.8 billion phone numbers leaked from the popular app Clubhouse. This database not only includes the phone numbers of the app's users but also of the user's contacts list. The database by itself is mostly harmless though, as the only fields it contains are the numbers themselves. There doesn't seem to be any attached information like names or addresses. It will be interesting to see if more information shows up in another post. If one person or group is able to extract phone numbers, it reasons that others may be able to extract further information.  Article Link