Show more

I might have just made a Hackers reference while preparing the WannaCry slides. I regret absolutely nothing. That movie is my favourite

Show thread

- I am a Senior Pen Tester at a Fortune 500 financial firm. You would think this means that I know something about pen testing, but it turns out it's astonishing how far beauty and charm will take you.

@tinker It's a shame it's a tiiiiny bit crashy. EternalRomance is a hotter vuln (when you have access to named pipes) because it's crash free. We should probably port it to metasploit at some point >.> Or someone should.

In the meanwhile, I use sleepya_'s zzz_exploit.py when possible, because it's guaranteed crash free:

github.com/worawit/MS17-010

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.