1 min
IT Ops
Direct downloads
We are happy to announce a publicly available beta of direct downloads. Now you
can download any part of your log stream with literally one click!
We have provided a new button which you can see on the right side of the Log
screen. Click on the download icon to start the download immediately.
You can configure different download options also. Specify whether you want to
download log entries in plain text or if they should be compressed first. You
2 min
Metasploit
Creating a PCI 11.3 Penetration Testing Report in Metasploit
PCI DSS Requirement 11.3 requires that you "perform penetration testing at least
once a year, and after any significant infrastructure or application upgrade or
modification". You can either conduct this PCI penetration test in-house
or hire a third-party security assessment. Metasploit Pro offers a PCI reporting
template, which helps you in both of those cases. If you are conducting the
penetration test in
3 min
Metasploit
New Critical Microsoft IE Zero-Day Exploits in Metasploit
We've been noticing a lot of exploit activities against Microsoft
vulnerabilities lately. We decided to look into some of these attacks, and
released two modules for CVE-2012-1889
and CVE-2012-1875
within a week of
the vulnerabilities' publication for our users to test their systems. Please
note that both are very important to any organization using Windows, because one
of
3 min
Metasploit
Weekly Metasploit Update: Encrypted Java Meterpreter, MS98-004, and New Modules!
When it rains, it pours. We released Metasploitable Version 2
, published a technique for scanning
vulnerable F5 gear
, and put out a
module to exploit MySQL's tragically comic authentication bypass problem
, all in
addition to cooking up this week's update. So, kind of a busy week around here.
You're welcome. (:
Encryp
1 min
Metasploit
Introducing Metasploitable 2!
Some folks may already be aware of Metasploitable, an intentionally vulnerable
virtual machine designed for training, exploit testing, and general target
practice. Unlike other vulnerable virtual machines, Metasploitable focuses on
vulnerabilities at the operating system and network services layer instead of
custom, vulnerable applications. I am happy to announce the release of
Metasploitable 2, an even better punching bag for security tools like Metasploit
, an
4 min
Metasploit
How to Create Custom Reports in Metasploit
Metasploit Pro has a powerful reporting engine with many standard reports but
also great ways to build your own reports. Custom reports can help you if in a
couple of different ways:
* Add your logo and corporate design to reports
* Change the way reports display the information
* Translate a reporting template to your local language
* Create new reports for regional compliance needs
A custom report is a report that you use template to generate. You can generate
a custom report with a te
2 min
Metasploit
Scanning for Vulnerable F5 BigIPs with Metasploit
This morning Matta Consulting posted an advisory
for the F5 BigIP
equipment. The advisory states that certain BigIP devices contain a SSH private
key on its filesystem that is trusted for remote root access on every other
BigIP appliance. Although Matta did not provide the private key, they did
provide the public key itself:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvIhC5skTzxyHif/7iy3yhxuK6/OB13hjPqrskogkYFrcW8OK4VJ T+5+Fx7wd4sQCnVn8rNqahw/x
5 min
Vulnerability Disclosure
CVE-2012-2122: A Tragically Comedic Security Flaw in MySQL
Introduction
On Saturday afternoon Sergei Golubchik posted to the oss-sec mailing list about
a recently patched security flaw CVE-2012-2122in the MySQL and MariaDB database
servers. This flaw was rooted in an assumption that the memcmp() function would
always return a value within the range -128 to 127 (signed character). On some
platforms and with certain optimizations enabled, this routine can return values
outside of this range, eventually causing the code that compares a hashed
password to s
5 min
Metasploit
Weekly Metasploit Update: Citrix Opcodes, Hash Collisions, and More!
This week's update has a nice new asymmetric DoS condition module, a bunch of
churn in Metasploit's Rails components, and some new Citrix attacks, so let's
get right into it.
Fuzzing for Citrix Opcodes
This week's update includes three new exploits for Citrix Provisioning Services,
the solution by Citrix "to stream a single desktop image to create multiple
virtual desktops on one or more servers in a data center" (vendor quote
). These mo
4 min
Exploits
Exploit Trends: CCTV DVR Login Scanning and PHP CGI Argument Injection
Last month, we gave you a list of the top 10 most searched Metasploit exploit
and auxiliary modules from our exploit database (DB)
. These stats are collected by analyzing searches on
metasploit.com in our webserver logs, not through usage of Metasploit, which we
do not track for privacy reasons.
We were curious how the list changed month over month, and now we have the first
results for May 2012. As expected, most exploits only moved around a little but
we also ha
2 min
Metasploit
Webcast: Don't Pick the Lock, Steal the Key - Password Auditing With Metasploit
David Maloney's webcast for for network administrators and security engineers is
now available online. David discusses weaknesses in password-based
authentication on clients and servers and how to audit these as part of a
regular security program.
What you'll learn in this webcast
* Password storage systems and password obfuscation
* Strengths and weaknesses of the various approaches
* Real-life examples of badly implemented password authentication mechanisms
* How to audit passwords on
4 min
Metasploit
Can't Exploit Machines? A Metasploit Troubleshooting How To
It can be very frustrating to try exploiting machines and not succeeding,
especially if your vulnerability report is showing a lot of vulnerabilities on
the hosts you are trying to exploit. This is usually due to one of the following
reasons:
1. Not all reported vulnerabilities are exploitable. It may be because a
firewall or IPS/IDS is successfully stopping the attack, or simply because
your vulnerability scanner reported a false positive.
2. Your Metasploit machine or network connec
2 min
Metasploit
Weekly Metasploit Update: Dev Docs and More
This week in the U.S. is the unofficial start of summer, so that probably
explains why it's been a bit of a slow week in the Metasploit community,
hacking-wise. We have Weekly Metasploit Update: Dev Docs and Morea few new
modules for this week's update, but in addition to those, I'd like to mention a
few new resources we've put together for the Metasploit development community.
Docs and Videos
Over the last few weeks, we've been working up some more comprehensive
documentation on how to get sta
3 min
Metasploit
Using BackTrack 5 R2 with Metasploit Community or Metasploit Pro
As of version 5 R2, BackTrack comes pre-installed with Metasploit 4.1.4, so it's
now easier to use Metasploit Community Edition or Metasploit Pro on BackTrack.
Here is how it's done:
* After BackTrack boots, enter startx to get into the UI.
* Install BackTrack in a virtual machine using the Install BackTrack icon in
the top left corner. This is recommended so that Metasploit remembers its
product key; otherwise, you would have to register Metasploit each time.
* Log in with user root,
2 min
Product Updates
Weekly Metasploit Update: Post Modules
This week, let's talk about post-modules, since we have two new fun ones to
discuss.
Windows PowerShell
Windows PowerShell is a scripting language and shell for Windows platforms, used
primarily by system administrators. While untrusted scripts are not allowed to
run by default, many users will be tempted to set their execution environments
to be pretty permissive. This, in turn, can provide a rich (and almost
completely overlooked) post-exploitation playground.
To that end, this update featur