Search the Community
Showing results for tags 'idea'.
Found 2 results
Hello all, This is my first ever post to the forum, but I hope it will prove to be more than helpful! Right, on to the point: I am currently working on an assignment where the target machine (Windows 7) is logged in with a user that is very limited. I cannot even call the Run Command dialog. Win+R keyboard combination is from an actual keyboard is not working either. The Windows Menu is empty and any commands typed in the lower part of the "Type to search.." bar do not execute. As a result GUI r and RUN WIN commands are a no go. Is there any other way to execute a payload/application that is stored on my $SWITCH_POSITION folder if I can not invoke the Run Command dialog? Regards, CloudCY
Hey, folks. I've tried using my LAN Turtle on a few engagements now, and while it's nice to show it plugged into a computer in the report, I rarely get much love out of it, and the shell feels too slow to be useful (guess that's why it's called a LAN Turtle! - It's a really slow shell!) Anyway - The idea that I wanted to float today is whether or not it would be possible to turn the LAN Turtle into a "TwinTurtle", similar to the "TwinDuck" firmware for the USB Rubber Ducky, but in this case, the LANTurtle would continue to be a USB-to-Ethernet adapter as well as acting as a HID device, so you could have a "blind terminal" into the machine it's physically plugged into. This could allow direct exploitation of the machine through powershell meterpreter, for example - The only problem I can think of is how to tell if the device is actually unlocked before sending the commands. So the reason I'm bringing this here is that I don't currently have the know-how to write a custom firmware which implements this sort of functionality, but I wanted to bring up the idea to the community, to see if this is something that is even possible, and if there are people willing and able to implement it.