Reverse SSL Shells with stunnel.

Just a quick post, something I came across today, and after a bit of experimenting, got working. In this post I’ll show you a neat “living off the land” trick, using the “stunnel” utility as a “backdoor” of sorts, delivering you a reverse shell over SSL to a socat listener. Even better – you can …

Basic Programming: Disabling Certificate Validation and Warnings in Python-Requests

Most of the time, when writing exploits, we don’t care much for certificate validation. Especially when we are writing exploits for embedded devices or suchlike that uses self-signed certs. So we will be wanting to disable certificate validation. When writing actual sensible software that talks to real things, you probably do NOT want to be …