Penetration Testing

Re: Metasploit

Thu, 05 Nov 2009 18:34:12 GMT

Posted by admin on Nov 05

Jon Kibler wrote:

Thanks for the heads up. I have only scanned the first few chapters so far, I will make time for this.

Thanks again
Dave

Re: Brief Analysis of inj3ct0r.com

Thu, 05 Nov 2009 18:28:56 GMT

Posted by Jon Kibler on Nov 05

djamel djamel wrote:

Milw0rm will be back soon. See: "Milw0rm / Str0ke Not Dead" from yesterday.

Jon

Re: Pen Tester Scripting

Thu, 05 Nov 2009 18:21:38 GMT

Posted by Robin Wood on Nov 05

2009/11/3 infosec posts <infosec.posts () gmail com>:

The project is just starting up so we don't have much on there at the
moment but the number of people offering to submit scripts is growing
so hopefully it won't be long till we get to a point of having
something for everyone.

If you have something you'd like to submit please send it to
scripts () pentesterscripting com . These don't have to be hardcore, l33t
scripts just anything you...

Re: SQL passwords

Thu, 05 Nov 2009 18:06:48 GMT

Posted by Martin Rublik on Nov 05

Well if you use 2005 SQL server it would be definitely faster to
attack an uppercase hash. The complexity will reduce significantly.
For example if you have n character password then there are 2^n
possibilities for mixcase password for every uppercase password.

As for the worst case it is quite simple, it depends on how many
characters you will use :), if you use Cain for password cracking it
will show you how much time is remaining.

Best...

Analyzing Shellcode

Thu, 05 Nov 2009 18:00:57 GMT

Posted by cAs on Nov 05

Good evening everybody,

i am trying to analyze the shellcode used in this exploit:
http://www.milw0rm.com/exploits/7477

If i echo the unescaped shellcode i only get wierd chinese (i think)
letters.

What's the right way to analyze what kind of shellcode is beeing used
and what command is beeing executed by it.

Greetings,
cAs

------------------------------------------------------------------------
This list is sponsored by: Information...

Re: Brief Analysis of inj3ct0r.com

Thu, 05 Nov 2009 18:00:16 GMT

Posted by djamel djamel on Nov 05

is there any GOOD alternative other than packet storm???

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org...

Re: True Source Code Analysis for Security

Wed, 04 Nov 2009 23:04:45 GMT

Posted by Jason Ross on Nov 04

Agreed, it feels "slimy". That was my first reaction to this thread as well.
But then I tried to identify what exactly it was that cause me to feel that way.

* The white paper itself doesn't try to market their product that I
could see.
* The web site it's available from doesn't require an email address or any
other form of information before allowing you to download the document.
* The original post does not attempt to...

Milw0rm / Str0ke Not Dead

Wed, 04 Nov 2009 22:52:57 GMT

Posted by Jon Kibler on Nov 04

Hi,

I know by now that many of you have seen the story at...

http://bl4cksecurity.blogspot.com/2009/11/str0ke-milworms-funeral-is-this-friday.html

I know this because MANY of you have written me off-list with the message "have
you heard the news?"... If I did not personally reply, I am sorry, but my inbox
has been swamped today.

Well, good news and bad news here.

Bad news first. The above story is a hoax. Str0ke is alive, well, and...

MITM attack report on smartphones

Wed, 04 Nov 2009 22:36:16 GMT

Posted by Mayank Aggarwal on Nov 04

Hi,

I thought of sharing this report which we recently posted on the following link:
http://threatcenter.smobilesystems.com/?cat=4

Abstract:
According to a survey conducted by a mobile advertising researcher, AdMob, smartphone users are driving up the use of
Wi-Fi hotspots. The result of the survey indicates that there were 550 million smartphone Wi-Fi requests in Western
Europe alone in 2008, a 132% increase for the year. AdMob said that 42%...

Re: Get a Clue! WAS: Re: Metasploit

Wed, 04 Nov 2009 22:28:51 GMT

Posted by Eric Milam on Nov 04

Although I agree with some of what Jon states below. I think it was
rude not to include the link. It did only take me about 5 seconds with
Google. (Although I got the info in Sept through the Offsec Blog...and
you guys should sign up for the newsletter!)

In the immortal words of muts -> Try Harder!

http://www.offensive-security.com/metasploit-unleashed/

Best of luck!

Eric
OSCP!

Jon Kibler wrote:...

Re: port scan to juniper fw

Wed, 04 Nov 2009 21:02:19 GMT

Posted by aditya mukadam on Nov 04

Yes, I have verified and also have the relevant logs with me from the
'flow filter' .

Thanks,
Aditya Govind Mukadam

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT
and CEPT certs require a full practical examination in order to...

Re: port scan to juniper fw

Wed, 04 Nov 2009 20:57:54 GMT

Posted by Chris Brenton on Nov 04

Have you verified this? Last time I tested their anti-spoofing it didn't
actually drop the packet. It would pass it through and then follow it up
with a host unreachable (to the target) in order to kill the session.

What was odd was the TTL would get decremented by 2. My best guess is it
was the single honed IPS code dealing with the spoofing and that was
introducing an extra routing hop.

I have not tested this for a few years, so they may have...

Get a Clue! WAS: Re: Metasploit

Wed, 04 Nov 2009 20:52:13 GMT

Posted by Jon Kibler on Nov 04

Jon Kibler wrote:
<SNIP!>

<SNIP!>

I hate to reply to my own email, BUT...

<rant>
I received dozens of (mostly off-list) messages, "I cannot find the course, will
you please send me a link"? Folks, get a clue! How can you call yourself a pen
tester if you cannot find an online course hiding in plain site? How do you
expect to be able to penetrate systems through obscure weaknesses when you miss
the 6,500Kgm gorilla...

winAUTOPWN 2.0 - Introducing winAUTOPWN GUI - Now you can sleep

Wed, 04 Nov 2009 20:43:45 GMT

Posted by QUAKER DOOMER on Nov 04

Dear all,

After a long break and a lot of Unpolished SITA releases of the previous version, I am finally releasing
winAUTOPWN version 2.0

winAUTOPWN or WINDOWS AUTOPWN version 2.0 now has a GUI (winAUTOPWN_GUI.exe) to initiate the main
console winAUTOPWN.exe
winAUTOPWN now supports all console arguments which can also be fed interactively.
This version covers almost all remote exploits from 2009 start uptill October 2009. Though a few are...

Re: Metasploit

Wed, 04 Nov 2009 20:26:16 GMT

Posted by jfvanmeter on Nov 04

How well do you know metasploit?

I thought I knew it fairly well. Turns out, I do know half of what I thought I
knew about metasploit. I am really surprised at how much metasploit can do that
I did not know about.

I am currently working through Offensive Security's Metasploit Unleashed online
course. It is currently a "donate to HFC"-ware course. It is a great course, and
I highly recommend it! I have learned a lot and I am only about...