injection, mitm, network, packet, Syphoon, Windows, WSUS -

Context Some time ago we published an important update to Syphoon, featuring the new dynamic socket injection system. In short, this allows using Ruby code to generate content on the fly for context-dependent injections. Taking things further To demonstrate the power of dynamic injections, we thought we'd publish a new release of Syphoon, this time including some new scripts. Specifically, two new scripts are provided to attack the Windows Update system (WSUS) when configured to use HTTP. wsus-inject-cmd This first script simply allows running commands (through cmd.exe) as 'NT AUTHORITY/SYSTEM' on any client machine requesting WSUS through HTTP. This is...

Read more