Replacing Pedantry with Positive Interaction
The recent vBulletin hack is the most recent case of a compromise being labeled
as a 'sophisticated attack.' Predictably, the internet exploded with people
complaining about this label, stating that it was just SQL Injection. The same
thing occurred with the news of the TalkTalk breach. Before that, the
Playstation Network breach comes to mind, although there have surely been many
in between. I will issue my mea culpa right now. I have publicly blasted
people for this in the past. But today I
Metasploit
12 Days of HaXmas: Buffer Overflows Come and Go, Bad Passwords are Forever
This post is the fourth in a series, 12 Days of HaXmas, where we take a look at
some of more notable advancements and events in the Metasploit Framework over
the course of 2014.
This summer, the Metasploit team began the large undertaking of reworking
credentials throughout the project. Metasploit, as you already know, began as a
collection of traditional exploits. Over the years it has grown into much more
than that. Credentials were first introduced into Metasploit in the form of
Auxiliary Sc
Metasploit
The Odd Couple: Metasploit and Antivirus Solutions
I hear a lot of questions concerning antivirus evasion with Metasploit, so I'd
like to share some of the information critical to understanding this problem. This
blog post is not designed to give you surefire antivirus (AV) evasion
techniques, but rather to help you understand the fundamentals of the issue.
A Quick Glossary
Before we begin, let's define a few terms. This will be important for
understanding some of the things we will discuss.
Payload: A payload is the actual code that is being del
Metasploit
Abusing Windows Remote Management (WinRM) with Metasploit
Late one night at Derbycon [https://www.derbycon.com/], Mubix
[https://twitter.com/mubix] and I were discussing various techniques of mass
ownage. When Mubix told me about the WinRM service, I wondered: "Why don't we
have any Metasploit modules for this yet?" After I got back, I began digging.
WinRM/WinRS
WinRM is a remote management service for Windows that is installed but not
enabled by default in Windows XP and higher versions, but you can install it on
older operating systems as well. Win
Metasploit
Recon, Wireless, and Password Cracking
The Metasploit Framework continues to grow and expand with the support of the
community. There have been many new features added to the Metasploit Framework
over the past month. I am very excited to be able to share some of these new
developments with you.
Mubix's Recon Modules
Mubix's post-exploitation modules from his Derbycon talk are now in the
repository. The resolve_hostname module, originally called 'Dig', will take a
given hostname and resolve the IP address for that host from the windo