[ Beneath the Waves ]

This is the personal website of Ben Lincoln.

This Dust Remembers What It Once Was version 0.6

Another alpha release (0.6) of This Dust Remembers What It Once Was is ready. This one should work even better than previous releases.

I also added a much more basic walkthrough of the tool, with a custom toy PsyQ PlayStation binary which has source included for comparison. You can find that at TDR: Practice Using EdgeCase.

This Dust Remembers What It Once Was version 0.4

Just released a third alpha version (0.4) of This Dust Remembers What It Once Was. This one should work much better than previous releases.

I also finishd the walkthrough for using it to decompile a beta version of Biohazard 2, which you can find in TDR: Biohazard 2.

This Dust Remembers What It Once Was version 0.3

Today I'm releasing a second alpha version of This Dust Remembers What It Once Was. This one has some major improvements and new capabilities.

I recently discovered that mail sent to me through the Contact forms on my websites has been frequently going nowhere, because my hosting provider doesn't think outbound email from web forms and other similar systems should be reliable. If you've tried to get in touch with me and haven't seen a response, I've added my social media contact information to the Contact page.

This Dust Remembers What It Once Was

Today I'm releasing a very early alpha version of This Dust Remembers What It Once Was, a videogame reverse-engineering toolkit for use with Ghidra. This initial version is focused almost exclusively on PlayStation games.

If you scanned my QR code, the details are over at Legacy of Kain: The Lost Worlds, but feel free to contact me via either site.

Summon the Lulz

Summon the Lulz.

Assorted New Material

In this completely random collection of updates, I present:

A long-overdue rewrite of Thermal versus Near Infrared, prompted by a discussion I had in email with Dr. David Wilson.

A look at how I made my Destiny Costume for Halloween, 2017.

A list of the vulnerabilities I've discovered which have been publicly-disclosed: Hack the Planet.

UW/ISACA Presentation Slide Deck

Early tonight I gave a presentation at the University of Washington demonstrating some penetration testing tools. A video should be available eventually. In the meantime, if you'd like to download the slide deck I used:

Penetration Testing Slide Deck - PowerPoint Format [ 760 KiB ]

Penetration Testing Slide Deck - PDF [ 51 MiB ] (yes, it's enormous compared to the PowerPoint file :( )


I've finally made time to post a handy utility VBScript I hacked together late last year: wg.vbs. It's a quick and dirty way to download files via HTTP from the command-line on versions of Windows® too old to support other mechanisms (e.g. PowerShell).

I've also made a few other minor updates I've been meaning to get to for awhile, such as noting in Mimikatz 2.0 - Brute-Forcing Service Account Passwords that Mimikatz already included the capability to launch OS commands — it just wasn't well-documented when I wrote that article.

Mimikatz 2.0 Golden/Silver Ticket Walkthroughs

Back in October I had the opportunity to see Benjamin Delpy (the author of Mimikatz) give a presentation on the new features in the 2.0 alpha release of that tool. I haven't run across any walkthroughs that I really felt conveyed the power of the "Golden Ticket" and "Silver Ticket" functionality, so I made some of my own: Mimikatz 2.0 - Golden Ticket Walkthrough and Mimikatz 2.0 - Silver Ticket Walkthrough. Forge your own Domain Admin tickets! Inject XSS attacks into upstream logging/monitoring systems! Corrupt forensic evidence! Misuse trusted web applications to alter the membership of privileged domain groups!

But some of you already knew about all of those things. What about using the Silver Ticket functionality to launch brute-force or dictionary attacks against the password for trusted service accounts used to run SPN-enabled web applications, even if the target domain locks out accounts after some number of failed login attempts? That's covered in Mimikatz 2.0 - Brute-Forcing Service Account Passwords.

Yield-Focused Vulnerability Score

I've been building an experimental vulnerability scoring system designed to give more accurate results (especially for penetration testing) than other existing systems (e.g. CVSS). You can read about it in the Yield-Focused Vulnerability Score (YFVS) article. The live YFVS 0.4 score calculator includes some fancy radial bar graphs that I'm pretty pleased with. You can read more about those in the Nightingale Charts article.

I am definitely looking for feedback on the scoring system — it is most certainly a work-in-progress.

[ Page Icon ]