Monthly Archive for: ‘May, 2010’

Manual Egghunter/Shellcode Encoding using Python

You are probably wondering what this post is all about. Well, it’s about manually encoding egghunter shellcode. Why would you want to manually encode the shellcode if you have built-in encoders in the Metasploit framework? Before we begin, have a look at the following exploit by muts: HP OpenView NNM 7.5.1 OVAS.exe SEH […]

N@T Shell

A while back I needed a way to make Metasploit’s Meterpreter persistent, or to be able to remotely execute it whenever needed. I decided to try and create a tool for doing that using Visual Basic. Let me first say that I am not a programmer; I have very basic programming skills (some code snippets […]

Exploit DEV Tools – Finding bad characters

Finding bad characters while developing an exploit can sometimes be an exhausting task. The following tools are very useful when dealing with bad characters. Tools: * Rename the files’ extension to .pl. Using generatecodes.pl: This script generates a C-style buffer of all characters from 0 to 255, except those specified in a comma-separated […]

KAV Bloopers?

After watching Offensive-Security’s “I Piss on Your AV” presentation, I’ve decided to test my A/V. In this presentation muts shows how to defeat signature-based detection. He used an old backdoor called ncx, which listens for incoming connections on port 99 and spawns a bind shell. The process is creating a code cave and […]

Pivoting into a network using PLINK and FPipe

Although the Metasploit framework’s Meterpreter has pivoting capabilities, which include port forwarding and routing, you may find yourself needing to pivot your tools outside of the framework. For example, you may want to open a Remote Desktop connection to another internal host on the compromised network. This could be done using SSH tunneling and port […]

SSH Tunneling

What is SSH? SSH stands for “Secure Shell”; it is used to create a secure connection between two computers. SSH supplies a command-line interface for remote administration/management of Linux-based systems or even Cisco routers. It allows us to securely perform various maintenance tasks and more; basically we can think of it as “secured telnet”. […]
