Blog

Metasploit Java Meterpreter Payload

If you haven’t noticed, the Metasploit Framework has had a Java Meterpreter payload for some time now. As of SVN revision 9777 it supports all the commands supported by the PHP Meterpreter, plus the ipconfig, route, and screenshot commands. It is not fully integrated into the framework yet, and in order to get it up and […]

Digital Whisper Magazine issue 11

I wrote an article named “Buffer Overflows 101”, which was published today in issue 11 of the Israeli security magazine “Digital Whisper”. The article is in Hebrew and covers the basics of buffer overflows, fuzzing, OllyDbg basics, writing Metasploit modules, and more. It has a companion tar.gz file which includes the source code of the vulnerable server (which was […]

Cracking Sofaware Safe@Office UTM (SBOX) Passwords

The Safe@Office UTM is a fully integrated stateful inspection firewall, intrusion prevention, VPN and antivirus gateway, specifically designed to meet the needs of small businesses of various sizes. You can manage the Safe@Office (SBOX) via a web interface or SSH. This product stores several passwords in its configuration, such as: 1. User passwords 2. VPN […]

darkc0de.com Archive

Recently I noticed that darkc0de.com is down. darkc0de.com was a security and hacking related website which contained a large archive of Python (and other scripting language) scripts, exploits and tutorials. It was a great resource for learning and for getting custom-made tools. For those of you who didn’t get the chance to download its content, I […]

BLOG Updates and WordPress fingerprinting tool

I got a request from visitors to be able to get posts via e-mail. Now you can subscribe to the category of your interest and get updates whenever a new post is published. I also decided to start “pick of the week” or “tool of the week” postings, where each week I’ll post tools and […]

Client side attacks using evil JAVA applets

About a year ago I stumbled upon a Facebook-clone phishing site which contained an evil Java applet. At the time SET had not been introduced yet, and only a few articles discussing this attack vector had been published (another applet creation process was published by Jabra and later described in the Offensive Security “Metasploit Unleashed” online course). No source code was released […]

How strong is your fu for charity – iVuln Writeup

On June 19th 2010 I attended the Offensive Security “How strong is your fu for charity” challenge. The objective was to pwn 5 machines in a 48-hour time frame. After some enumeration and rumors on the IRC channel it became clear to me that the easiest machine to pwn was 192.168.x.200 (named iVuln), a […]

Manual Egghunter/Shellcode Encoding using Python

You are probably wondering what this post is all about. Well, it’s about manually encoding egghunter shellcode. Why would you want to manually encode shellcode if you have built-in encoders in the Metasploit Framework? Before we begin, have a look at the following exploit by muts: HP OpenView NNM 7.5.1 OVAS.exe SEH […]

N@T Shell

A while back I needed a way to make Metasploit’s Meterpreter persistent, or to be able to remotely execute it whenever needed. I decided to try and create a tool for doing that using Visual Basic. Let me first say that I am not a programmer; I have very basic programming skills (some code snippets […]

Exploit DEV Tools – Finding bad characters

Finding bad characters while developing an exploit can sometimes be an exhausting task. The following tools are very useful when dealing with bad characters. Tools: * Rename the files’ extension to .pl. Using generatecodes.pl: this script generates a C-style buffer of all characters from 0 to 255, except those specified in a comma-separated […]
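As an added worked example (written for this page in Python; it is not the blog’s generatecodes.pl, whose source is not shown here), the following builds the same kind of all-bytes buffer minus an exclude list, renders it as a C-style array, and then automates the comparison step: send the buffer, read the bytes back from the debugger, exclude the first byte that got mangled, and repeat until the whole buffer lands intact. The function names are my own, and `fake_target` is a constructed stand-in for a real service plus debugger dump.

```python
# Added example: build the bad-character test buffer and compare it with a
# memory dump. Illustrative code written for this page, not the blog's
# generatecodes.pl; function names and the simulated target are hypothetical.


def parse_excludes(spec):
    """Parse a comma-separated list of hex bytes ("0x00,0x0a,0d") into ints."""
    return [int(tok.strip(), 16) for tok in spec.split(",") if tok.strip()]


def generate_badchar_buffer(exclude=()):
    """All byte values 0x00..0xff in order, minus those in `exclude`."""
    excl = set(exclude)
    return bytes(b for b in range(256) if b not in excl)


def to_c_buffer(buf, name="buf", width=16):
    """Render bytes as a C-style string-literal array, `width` bytes per line."""
    lines = []
    for i in range(0, len(buf), width):
        chunk = buf[i:i + width]
        lines.append('"' + "".join("\\x%02x" % b for b in chunk) + '"')
    return "unsigned char %s[] =\n%s;" % (name, "\n".join(lines))


def first_bad_char(sent, dumped):
    """Return the first byte of `sent` that does not appear intact in
    `dumped` (the bytes read back from the debugger), or None if all match.
    A truncated dump counts as corruption at the first missing offset."""
    for i, s in enumerate(sent):
        if i >= len(dumped) or dumped[i] != s:
            return s
    return None


def hunt_bad_chars(send_and_dump, max_rounds=256):
    """Iteratively find bad characters: send the buffer, compare the dump,
    exclude the first mangled byte and resend until the whole buffer lands
    intact. One round per bad char, because a single bad byte often corrupts
    or truncates everything after it, hiding any later ones."""
    exclude = []
    for _ in range(max_rounds):
        sent = generate_badchar_buffer(exclude)
        dumped = send_and_dump(sent)
        bad = first_bad_char(sent, dumped)
        if bad is None:
            return exclude
        exclude.append(bad)
    return exclude


def fake_target(buf):
    """Constructed stand-in for 'send to the service, dump from the debugger':
    a strcpy-style copy that stops at NUL and a line reader that rewrites
    CR/LF to spaces. A real target is driven over a socket and read back
    from the debugger's memory view."""
    out = bytearray()
    for b in buf:
        if b == 0x00:
            break
        out.append(0x20 if b in (0x0a, 0x0d) else b)
    return bytes(out)


if __name__ == "__main__":
    print(to_c_buffer(generate_badchar_buffer(parse_excludes("0x00,0x0a,0x0d"))))
    print("bad chars:", ["0x%02x" % b for b in hunt_bad_chars(fake_target)])
```

Against the simulated target the hunt returns 0x00, 0x0a and 0x0d in three rounds; with a real service you replace `fake_target` with a function that sends the buffer and returns the bytes copied out of the debugger at the buffer’s address.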

KAV Bloopers?

After watching the Offensive-Security “I Piss on Your AV” presentation, I decided to test my A/V. In this presentation muts shows how to defeat signature-based detection. He used an old backdoor called ncx, which listens for incoming connections on port 99 and spawns a bind shell. The process is creating a code cave and […]

Pivoting into a network using PLINK and FPipe

Although the Metasploit Framework’s Meterpreter has pivoting capabilities, which include port forwarding and routing, you may find yourself needing to pivot tools from outside of the framework. For example, you may want to open a Remote Desktop connection to another internal host on the compromised network. This can be done using SSH tunneling and port […]

SSH Tunneling

What is SSH? SSH stands for “Secure Shell”; it is used to create a secure, encrypted connection between two computers. SSH supplies a command-line interface for remote administration/management of Linux-based systems or even Cisco routers, and it allows us to securely perform various maintenance tasks and more. Basically we can think of it as “secured telnet”. […]
