Posts by David Maloney

4 min

Replacing Pedantry with Positive Interaction

The recent vBulletin hack is the most recent case of a compromise being labeled as a 'sophisticated attack.' Predictably, the internet exploded with people complaining about this label, stating that it was just SQL Injection. The same thing occurred with the news of the TalkTalk breach. Before that, the Playstation Network breach comes to mind, although there have surely been many in between. I will issue my mea culpa right now. I have publicly blasted people for this in the past. But today I

9 min Metasploit

12 Days of HaXmas: Buffer Overflows Come and Go, Bad Passwords are Forever

This post is the fourth in a series, 12 Days of HaXmas, where we take a look at some of the more notable advancements and events in the Metasploit Framework over the course of 2014. This summer, the Metasploit team began the large undertaking of reworking credentials throughout the project. Metasploit, as you already know, began as a collection of traditional exploits. Over the years it has grown into much more than that. Credentials were first introduced into Metasploit in the form of Auxiliary Sc

8 min Metasploit

The Odd Couple: Metasploit and Antivirus Solutions

I hear a lot of questions concerning antivirus evasion with Metasploit, so I'd like to share some of the information critical to understanding this problem. This blog post is not designed to give you surefire antivirus (AV) evasion techniques, but rather to help you understand the fundamentals of the issue. A Quick Glossary Before we begin, let's define a few terms. This will be important for understanding some of the things we will discuss. Payload: A payload is the actual code that is being del

6 min Metasploit

Abusing Windows Remote Management (WinRM) with Metasploit

Late one night at Derbycon [https://www.derbycon.com/], Mubix [https://twitter.com/mubix] and I were discussing various techniques of mass ownage. When Mubix told me about the WinRM service, I wondered: "Why don't we have any Metasploit modules for this yet?" After I got back, I began digging. WinRM/WinRS WinRM is a remote management service for Windows that is installed but not enabled by default in Windows XP and higher versions, but you can install it on older operating systems as well. Win

8 min Metasploit

Recon, Wireless, and Password Cracking

The Metasploit Framework continues to grow and expand with the support of the community. There have been many new features added to the Metasploit Framework over the past month. I am very excited to be able to share some of these new developments with you. Mubix's Recon Modules Mubix's post-exploitation modules from his Derbycon talk are now in the repository. The resolve_hostname module, originally called 'Dig', will take a given hostname and resolve the IP address for that host from the windo