Hi folks

My name is Jim Rush and I'm a security consultant and researcher based in Wellington, New Zealand.

I'm currently working as a security consultant for PrivSec Consulting which is a specialist IT Security Consultancy. I hold a Bachelor of Science with a major in Computer Science from Victoria University in Wellington.

In 2024, we presented some of our research at DEFCON32 in Las Vegas: NTLM - the last ride, which resulted in several round trips to the Microsoft Security Reporting Center and multiple CVEs.

Some CVEs we've found:

  • CVE-2024-38200 - NTLM hash leakage in MS Outlook and MS Office
  • CVE-2024-38020 - NTLM hash leakage in MS Outlook
  • CVE-2023-33507 - Unauthenticated File Read in Kramer VIA Go 2
  • CVE-2023-33509 - Unauthenticated SQLi in Kramer VIA Go 2
  • CVE-2023-33508 - Unauthenticated RCE (Remote Code Execution) in Kramer VIA Go 2
  • CVE-2022-31372 - Path Traversal in Wiris MathType (Moodle, Blackboard)

Some things I've made and enjoy doing:

When I'm not working I enjoy creating weird little twitter bots in python. I used to like making video games, but I think I've forgotten how. Also sleeping. I really like sleeping. I don't really get enough of it.

Monster mountain video game
Monster Mountain video game

Monster Mountain: As part of a game jam a few years ago, we made a game where you are a mountain getting rid of pesky climbers. (github, website)

Coffee simulator video game
Coffee simulator video game

Coffee Simulator: Live the simple life! Don't forget to enjoy your coffee. (github, website)

Soothing landscape twitter bot
Soothing landscape twitter bot

Soothing landscape bot: There's a lot going on on twitter, and inspired by a blog post I created a bot to inject some soothing landscapes into the timeline. (github, website)

Knuckle tattoo twitter bot
Knuckle tattoo twitter bot

Knuckle tattoo generator bot: Someone asked me if I could do this for them, so we did it. (github, website)

Picture of a dog Picture of an output colour palette
Input and output image for palette generation

Color palette generator: I wrote a python script to extract a color palette from a given image. Sample image courtesy of Strahan Cole . (github)