Research & Development
$ #

@Hack CTF - impressions and ENIPTX (RE 500) writeup

Author: Adam Kliś, 19.01.2022

Recently p4 team (which includes a few of our coworkers) was invited to play the @Hack CTF Final - stationary CTF organized during @Hack conference in the capital of Saudi Arabia - Riyad. Here you can read about our impressions of the CTF and the writeup for one of the reverse engineering challenges - ENIPTX.

Read more...

PowerShell script, Unicode quotes and ウィンドウズ - a story of uncommon command injection

Author: Krzysztof Andrusiak, 14.09.2021

Can you see the difference between " and “ or ' and ‘ ? You can? You've got sharp eyes! Well, PowerShell can't see it. Now, imagine an application which inserts user-provided input into string in dynamically generated PowerShell script while sanitizing only "typical" quotes... Sounds like trouble? RCE handed on a silver platter? But hold your horses, it's not that easy!

Read more...

BoobSnail - Excel 4.0 macro generator

Author: Marcin Ogorzelski, 25.05.2021

Excel 4.0 XLM macros are useful for the Red Team. But it is often the case that when using publicly available generators, samples are detected. Then you usually have to invent your own techniques or modify existing ones. Another problem is the Excel language. If the target's Excel is set to a language other than […]

Read more...

The first step in Excel 4.0 for Red Team

Author: Marcin Ogorzelski, 16.04.2021

As Excel 4.0 is becoming more popular, more and more attackers use it in phishing campaigns. In this blog post, we will dive into the topic of Excel 4.0 macros and learn about techniques that are useful during Red Team and analysis. Additionally, we will present to you our new tool that will assist you […]

Read more...