Open Source
Metasploit Weekly Update: On Breaking (and Fixing!) Security Software
Attacking Security Infrastructure
This week, one module stands out for me: the Symantec Endpoint Protection
Manager Remote Command Execution by xistence, who built on the proof-of-concept
code from Chris Graham, who turned that out after Stefan Viehbock's disclosure
from last week. You can read the full disclosure text from SEC Consult
Vulnerability Lab, and get an idea of the s
IT Ops
How To Run Rsyslog in a Docker Container for Logging
I’ve been playing around with Docker this morning (read
as I have followed their 15 min tutorial and have installed it on an Ubuntu
instance – so I’m not quite the expert yet). I was initially interested in
figuring out what log management
looks like for any Docker users out there.
From first look, Docker has a “logs” command that will fetch the logs from a
container. You can run this via the docker daemon and it will captu
Metasploit
Weekly Metasploit Update: Encoding-Fu, New Powershell Payload, Bug Fixes
I Got 99 Problems but a Limited Charset Ain't One
In this week's Metasploit weekly update, we begin with OJ TheColonial Reeves'
new optimized sub encoding module (opt_sub.rb). As the name implies, this
encoder takes advantage of the SUB assembly
instruction to encode a payload with printable characters that are file path
friendly. Encoders like this are incredibly useful for developing a memory
corruption exploit that triggers a file path buffer overflow, where
IT Ops
Real User Monitoring: I Need Insight And I Need It Now
In the past it was assumed that the web-based interface was the most important,
and often the only, path for a user to access content or a product. But those
days are gone and now companies must embrace supporting multiple interfaces on
different platforms in order to satisfy their users. With customers looking to
use a mix of clients, with the most common being Web, iOS, Android and Windows
Phones, companies need to invest in optimizing for these channels and, hence,
protecting their investment
Exploits
Metasploit Weekly Update: Video Chat, Meterpreter Building, and a Fresh MediaWiki Exploit
"It's Like Chat Roulette for Hackers"
The coolest thing this week... wait, let me start again.
The coolest thing this year is Wei sinn3r Chen's
brand new amazesauce, humbly named webcam_chat. I know he just posted all about
it
yesterday, but I just want to reiterate how useful and hilarious this piece of
post-exploit kit really is.
First off, it's entirely peer-to-peer. The communicati
IT Ops
Mobile Apps: 6 Steps to A Wealth of Untapped Data
With mobile technology becoming a bigger part of many companies’ front end
coverage, it makes sense to ensure that you are getting a good return on your
investment by delivering a high quality app that works for your users.
With this in mind, we are excited to announce the release of our iOS and Android
libraries. When used in conjunction
with our JavaScript library, these will give you coverage over virtually your
whole front end.
Mobile adoption for U
IT Ops
An Inflection Point for Mobile Devices & App Monitoring
You may not have noticed, but history has unfolded before our very eyes in the
past few months, with mobile device sales expected to outpace those of the
traditional laptops for the first time (at least according to IDC research last
September).
To shed some light on the expected pace of change, by 2017 it’s anticipated that
87% of the worldwide smart connected device market will be tablets and
smartphones, with PCs (both desktop and lapt
Let's Talk About Your Security Breach with Metasploit. Literally. In Real Time.
During a recent business trip in Boston, Tod and I
sat down in a bar with the rest of the Metasploit team, and shared our own
random alcohol-driven ideas on Metasploit hacking. At one point we started
talking about hacking webcams. At that time Metasploit could only list webcams,
take a snapshot, stream
(without sound),
or record audio
Exploits
Weekly Metasploit Update: Feb. 13, 2014
Android WebView Exploit, 70% Devices Vulnerable
This week, the biggest news I think we have is the release this week of Joe
Vennix and Josh @jduck Drake's hot new/old Android WebView exploit. I've been
running it for the last day or so out on the Internet, with attractive posters
around the Rapid7 offices (as seen here) in an attempt to pwn something good.
I've popped a couple of shells; I guess I didn't make my QR Code attractive enough.
Seriously, though, this vulnerability is kind of a huge d
Microsoft
Patch Tuesday - February 2014, also, say "buh-bye" to MD5
This was a fairly novel Patch Tuesday (calling it interesting might be too
strong a word for Patch Tuesday, unless you work in vulnerability management and
geek out on these things - in which case, I thought it was interesting).
At first take, it looked like Microsoft would continue the 2014 trend of keeping
patch Tuesday relatively light. There were only 5 advisories this month, two
critical, three important. Emphasis is on the past tense.
Monday morning, Microsoft updated the advance no
Penetration Testing
Your PenTest Tools Arsenal
When it comes to information security, one of the major problems is setting up
your PenTest Tools Arsenal. The truth is, there are too many tools out there and
it would take forever to try half of them to see if one fits your needs. Over
the years, some well-established tools have been released that most security
professionals use today, but that doesn't mean there aren't lesser-known, yet
still very good, pentesting tools that are not as popular.
I wanted to make a list of the pentest to
Leveraging the power of Metasploit's resource scripts
As a pentester for Rapid7 I use Metasploit a lot. I think one of the most
overlooked features in Metasploit is the ability to create resource scripts.
What are resource scripts you ask? “A resource file is essentially a batch
script for Metasploit; using these files you can automate common tasks – H.D.
Moore.”
There are several resource scripts included with Metasploit, one of which is
port_cleaner. If you're like me you have had times when, after importing NMAP
scan data, a bunch of cruft fo
Metasploit
Weekly Metasploit Update: ADSI support and MSFTidy for sanity
Meterpreter ADSI support
We ended up skipping last week's update since upwards of 90% of Rapid7 folks
were Shanghaied up to Boston, in the dead of winter, with only
expense-reportable booze to keep us warm at night. So, with much fanfare comes
this week's update, featuring the all new ADSI interface for Meterpreter, via OJ
TheColonial Reeves' Extended API.
Lucky for us, and you, Carlos DarkOperator
Perez was not ensconced i
Pwn Faster with Metasploit's Multi-Host Check Command
One of the most popular requests I've received from professional penetration
testers is that they often need to be able to break into a network as fast as
possible, and as many as possible during an engagement. While Metasploit Pro or
even the community edition already gives you a significant advantage in speed
and efficiency, there is still quite a large group of hardcore Framework users
out there, so we do whatever we can to improve everybody's hacking experience. A
new trick we'd like to in
Exploitable vulnerabilities #1 (MS08-067)
Description
In November of 2003 Microsoft standardized its patch release cycle. By releasing
its patches on the second Tuesday of every month Microsoft hoped to address
issues that were the result of patches being released in a non-uniform fashion.
This effort has become known as Patch-Tuesday. From the implementation of
Patch-Tuesday (November, 2003) until December, 2008 Microsoft released a total
of 10 patches that were not released on a Patch-Tuesday, also known as
“out-of-band” patches. The 10t