Windows privilege escalation guide

Ryan McFarland writes on his blog: “Privilege escalation always comes down to proper enumeration. But to accomplish proper enumeration you need to know what to check and look for. This takes familiarity with systems that normally comes along with experience. At first privilege escalation can seem like a daunting task, but after a while you start to filter through what is normal and what isn’t. It eventually becomes easier to know what to look for rather than digging through everything hoping to find that needle in the haystack. Hopefully this guide will provide a good foundation to build upon and get you started.”

Read More

Windows Server 2019 – now available in preview

Yesterday (March 20th) was a big day for Windows Server! On behalf of the entire Windows Server team, Erin Chapple (Director of Program Management, Windows Server) announced Windows Server 2019 will be generally available in the second half of calendar year 2018. Starting now, you can access the preview build through Microsoft’s Insiders program.

Read More

A plea for WordPress plugin developers to stop supporting legacy PHP versions

A plea for plugin developers to stop supporting legacy PHP versions” (hear! hear!), Jeff Chandler writes on WP Tavern. Iain Poulson has published a thoughtful request on the Delicious Brains blog asking WordPress plugin developers to stop supporting legacy PHP versions. He covers some of the benefits of developing with newer versions of PHP, what Delicious Brains is doing with its plugins, and using the Requires Minimum PHP Version header in readme.txt.

Read More

Windows Server 2016 on Hyper-V stuck at stopping

… and the guest server VM won’t reboot

If a Windows Server 2016 guest VM on Hyper-V hangs while stopping after Windows Updates, it might be caused by the recovery debug information type set. Especially when you have moved the Windows PageFile to a different partition/VHDX.

Microsoft Support article KB307973 states:

You can configure the actions that Windows takes when a system error (also referred to as a bug check, system crash, fatal system error, or stop error) occurs. You can configure the following actions:
Write an event to the System log.

To take advantage of the dump file feature, your paging file must be on the boot volume. If you have moved the paging file to another volume, you must move it back to the boot volume before you use this feature.

Meaning, you must have a page file on the boot volume for automatic memory dump to work (this is on by default). So turn this option off if you don’t have a page file on your boot volume (set it to none). This fixed my reboot issues.

Reset the type of debugging information written to the log file.

The (none) option does not record any information in a memory dump file. To specify that you do not want Windows to record information in a memory dump file by modifying the registry, set the CrashDumpEnabled DWORD value to 0. For example, type the following information at a command prompt, and then press ENTER:

wmic recoveros set DebugInfoType = 0

This is only an issue if the PageFile is on a different VHDX. Here is a Microsoft forum references:

If necessary, kill TrustedInstaller.exe if the server is hung during reboot working on updates using Sysinternals Suite:

c:\path\to\pskill.exe \\servername TrustedInstaller.exe

Set WP_MEMORY_LIMIT value correctly in wp-config.php

WordPress developers: please stay away from WP_MEMORY_LIMIT and PHP memory_limit settings! We see this done wrong over and over in WordPress plugins and themes. One of such themes is the premium theme Jupiter by Artbees, or WPML as plugin. WordPress users: don’t touch these memory limitation settings either! They’re imposed for a reason. Here’s some explanation:

Read More

List all SPNs used in your Active Directory

There are a lot of hints & tips out there for troubleshooting SPNs, or Service Principal Names. Listing duplicate SPNs is fairly easy, just use setspn -X on your command-line and you’ll find out. But how do you find out which SPNs are used for which users and computers are used for this?

Read More

Help Net Security reviewed Acunetix 11

Acunetix 11 Review by Help Net Security. Acunetix is one of the biggest players in the web security arena. The European-based company released the first version of their product back in 2005, and thousands of clients around the globe use it to analyze the security of their web applications. They recently unveiled Acunetix version 11, so Help Net Security decided to take it for a spin.

Read More

14 queries, 0.151 seconds running PHP version 7.2.7