Luke jennings

Luke Jennings
2 Apr 2015

How to own any Windows network with group policy hijacking attacks

Group policy hijacking attacks can compromise Windows networks by intercepting and manipulating group policy traffic. The attacks exploit vulnerabilities in SMB signing and Kerberos authentication to gain SYSTEM-level access on domain-joined systems. Multiple attack vectors allow attackers to modify group policy settings and execute arbitrary code on target networks.

Luke Jennings
13 Feb 2015

Practically Exploiting MS15-014 and MS15-011

The article details two Microsoft vulnerabilities (MS15-011 and MS15-014) that enable remote code execution on domain-joined Windows systems. These vulnerabilities can be exploited through a two-stage attack method to gain SYSTEM-level access by manipulating group policy and SMB signing configurations. A video demonstration shows how these vulnerabilities can be chained together to compromise hardened domain environments.

John Fitzpatrick Luke Jennings
20 Dec 2013

Hack the Gibson - Deepsec Edition

A presentation at Deepsec 2013 explored security vulnerabilities in supercomputer technologies. John Fitzpatrick and Luke Jennings from MWR discussed potential attacks against common supercomputer systems. The presentation slides are available for download, providing insights into supercomputer security challenges.

John Fitzpatrick Luke Jennings
18 Sep 2013

Hack the Gibson - 44CON

A presentation at 44CON revealed significant security vulnerabilities in top supercomputers. The talk demonstrated novel attack techniques for compromising large-scale computing infrastructure. Penetration testing exposed lower security standards in high-performance computing systems compared to typical enterprise environments.

Luke Jennings
3 Dec 2009

Weapons of Mass Pwnage: Attacking Deployment Solutions - DeepSec 2009

A presentation at DeepSec 2009 explored security vulnerabilities in Symantec's Altiris Deployment Solution. The talk by Luke Jennings examined potential weaknesses in enterprise deployment technologies. Presentation slides are available for download from the original source.

Luke Jennings
16 Apr 2008

Security Implications of Windows Access Tokens

A whitepaper by Luke Jennings explores the security implications of Windows access tokens in enterprise environments. The document details how access token design can be exploited during penetration testing, highlighting systemic vulnerabilities in corporate security controls. The paper discusses the technical mechanisms of Windows access tokens and provides insights into potential post-exploitation techniques.