All Posts

1 min Metasploit

2014 Metasploit T-Shirt Design Contest

Hey Hacker-Designers! Remember about this time last year, we kicked off the Metasploit T-Shirt design contest to commemorate our shipping of 1,000 exploits and Metasploit's 10th Anniversary? Turns out, we had so many good designs and so much fun with that that we're doing it again this year. So let's see, what reason can we contrive this year... We have 1,294 exploits now
2 min Metasploit

Federal Friday - 4.25.14 - A Whole Lot of Oops

Happy Friday, Federal friends! I hope all of you enjoyed some nice family time over the respective holidays last week. After a successful Marathon Monday here in Boston we're blessed with chirping birds and blooming flowers (finally)! As you all probably know by now, Verizon released their latest DBIR report earlier this week. While this report covered a wide range of topics in regards to breaches, I

2 min IT Ops

Log Aggregation & Grouping in 3 Clicks

With the introduction of a centralized,aggregated view of your logs , we enabled our users to see their entire stack in one view and to quickly correlate different logs together. This log aggregation viewpoint provides much deeper insight into what is occurring across your logs from various sources. We thought that the Log Aggregation View was pretty cool, so we are very excited to launch log Groups which add even more flexibility to save and moni
2 min Metasploit

Hacker's Dome: An Online Capture-the-Flag (CTF) Competition on May 17

Many folks ask me how you can get started as a penetration tester. Save for a real-life penetration test, capture-the-flag (CTF) competitions are probably the most effective ways for you to hone your offensive security skills. What's best: they're a ton of fun, even for experienced pentesters. The folks over at CTF365.com have put together a one-off CTF called Hacker's Dome, which will start on May 17th and run for 48 hours, so save the date. Hacker's Dome - First Bloo
1 min IT Ops

Customer Success: Sending your CoreOS data to Logentries

We love sharing cool stories straight from our customers about how they are using logs to solve problems.  This one is from Matthias Kadenbach (@mkadenbach) who was using CoreOS with multiple Docker containers on Google Compute Engine and not sure how to log from CoreOS to remote destinations. CoreOS is a stripped down version of Linux (Chrome OS) that has no package manager. This basically means no build-essentials are included with the OS, which makes it impossible to download and build the L
3 min IT Ops

4 Reasons to Love Your Log Data

Data logging by essential IT equipment has been around since the beginning of the modern computer era. Operating systems, application software, hardware, and a plethora of IT equipment in and on the network generate log files, and IT professionals can often find themselves knee deep in an overwhelming amount of data, especially as cloud services are added to the mix . But, the truth is that if used properly, log data can be a very good friend to both IT and business

4 min IT Ops

What is "real-time" anyway…?

I love a good buzzword…cloud, big data, analytics …And even more than the buzzwords, I love the liberties people tend to take applying these buzzwords to their new systems and services. Such buzzwords regularly get abused and often get washed into marketing material and product websites in an attempt to hoodwink and woo new unsuspecting customers. One of my (least) favorite buzzwords, that I’ve noticed popping up more recently in particular in the logging space is “real-time.” So what does re
1 min IT Ops

A Note on Logentries Security

The recent OpenSSL vulnerability CVE-2014-0160 , nicknamed “Heartbleed,” affected large part of the Internet. It was caused by a relatively trivial bug, a missing check for an input value, which can lead to a buffer overrun, causing leaking of an unrelated block of memory. This can ultimately lead to compromising of the secret keys used to encrypt the traffic, which essentially allows attackers to eavesdrop on communications, steal data directly f
5 min Exploits

Exploiting CSRF under NoScript Conditions

CSRFs -- or Cross-Site Request Forgery vulnerabilities -- occur when a server accepts requests that can be “spoofed” from a site running on a different domain. The attack goes something like this: you, as the victim, are logged in to some web site, like your router configuration page, and have a valid session token. An attacker gets you to click on a link that sends commands to that web site on your behalf, without your knowledge
4 min

From the Trenches: AV Evasion With Dynamic Payload Generation

By guest blogger Shane Rudy, Information Security Manager, AOScloud, C|EH | E| CSA | L|PT | CPT | CEPT A few weeks ago I was excited when Rapid7, asked me to participate in their 2014 Tech Preview Program for Metasploit Pro version 4.9 I have always enjoyed the interaction I have had with the talented crew over at Rapid7 and I have been a big fan of Metasploit Framework since its inception years ago. Rapid7 has done an excellent job of interacting and allowing its users to participate within t
5 min

Heartbleed War Room - Product FAQ

Quick reference links before we dive in: * Heartbleed Vulnerability Resources * Heartbleed War Room - FAQ * Using Nexpose to stop the bleeding * Metasploit's Heartbleed scanner module Following up on our Heartbleed War Room webcast f
2 min Exploits

Sophos Web Appliance Privilege Escalation and Remote Code Execution Vulnerability

Sophos Web Protection Appliance vs 3.8.1.1 and likely prior versions was vulnerable to both a mass assignment attack which allowed privilege escalation, as well as a remote command execution vulnerability as root available to admin users. ZDI details the vuln here . This Metasploit module exploits both vulnerabilities in order to go from an otherwise unprivileged authenticated user to root on the box. This is particularly bad because this
3 min Nexpose

Using Nexpose to Stop the Bleeding (Scanning for the OpenSSL Heartbleed Vulnerability)

By now you have almost certainly heard about the recently disclosed OpenSSL Heartbleed vulnerability (CVE-2014-0160). The April 9th update for Nexpose includes both authenticated and unauthenticated vulnerability checks for Heartbleed. Scanning your assets with the regular full audit template, or indeed any template that isn't tuned to exclude many ports or vulnerabilities, will automatically pick up this vulnerability. But it is also possible to create

3 min IT Ops

Automating logging to Logentries

Staying on the subject of devops, specifically server automation and monitoring, I’m going to show you how you can automatically send logs to Logentries using Chef and Vagrant . If you are unfamiliar with either of these technologies I suggest you have a look through my previous posts to bring you up to speed on things. We’re going to cover how to install the logentrie
4 min Metasploit

Security Advisory: OpenSSL Heartbleed Vulnerability (CVE-2014-0160) in Metasploit (Updated 4/11/14 2:20pm EDT)

Metasploit 4.9.0 and earlier vulnerable to Heartbleed, update 4.9.1 addresses critical cases The Metasploit editions Metasploit Pro, Metasploit Express, and Metasploit Community in versions 4.9.0 or earlier are vulnerable to the OpenSSL Heartbleed Vulnerability (CVE-2014-0160). Please update to version 4.9.1 to remediate critical vulnerabilities. See below for remediation instructions. Metasploit Framework itself is not affected, but it has dependencies on other components that may need to be u

Popular Topics

Tags