November 2009
1 post
ICMPv6.rb →
…. Racket support for ICMPv6 messages is on the way!
Nov 9th
September 2009
7 posts
George Dyson at the birth of the computer →
George shows us an original copy of the MIGHTY ALAN TURING paper!!!! Hand job stuff for me. Since I was a student I’ve always been a big fan of Alan Turing and Alonzo Church. Their approach to calculations (Lambda Calculus) was one of the most amazing things I’ve ever seen (secondary to girls and beer man ;) ).
Sep 23rd
ASPX Backdoor and Token Kidnapping →
Brett Moore from Insomnia Sec. released an interesting .ASPX backdoor with token impersonation capabilities. Check it out. To know more about Token Kidnapping, have a look here.
Sep 21st
Abusing Citrix →
A 3-part article showing how to break out from a Citrix environment.
Sep 21st
Meterpreter documentation →
At the moment it was the most useful source of information on how to write meterpreter plugins.
Sep 10th
Cross VM Attacks on EC2 →
What do you want to cloud today? :D
Sep 9th
Delicious Dorking →
In this post Laramies introduces a new way to perform information gathering through delicious. Funny enough.
Sep 9th
MSF Oracle MIXIN: connecting as SYSDBA →
I found it useful to specify whether I want to hack a remote Oracle as SYSDBA or whatever. This small patch adds an option: DBPRIV
msf auxiliary(sql) > set DBUSER SYS
DBUSER => SYS
msf auxiliary(sql) > set DBPASS ORACLE
DBPASS => ORACLE
msf auxiliary(sql) > set DBPRIV SYSDBA
DBPRIV => SYSDBA
msf auxiliary(sql) > run
[*] Sending statement: 'SELECT * FROM USER_ROLE_PRIVS'...
[*]...
Sep 7th
July 2009
10 posts
Video - The Java Virtual Machine As Shellcode →
I recently looked over some metasploit presentations and I’ve found this interesting tool. It looks very close to Core Impact, with some small improvements. I’ve always been fascinated by post-exploitation techniques, especially those focused on how to transform an outside WAPT into an inside VA. I think Netifera should be a promising strategy. Play the video, and see why ;) Further...
Jul 28th
Wanna try google wave? →
This implementation uses Django - a well-known Python web framework - as its backend and is in a very early stage. Just as Google, I want to release it to the public as fast as possible. In the end, this will eventually be a full-featured server implementation for easy use, extension and integration with your web servers and applications.
Jul 27th
wmap_nikto →
I added wmap_nikto to the msf-hack repository. It has been accepted by hdm but is still not merged. Basically it interacts with wmap to perform a nikto assessment of each virtual folder belonging to a set of target websites. For each virtual folder it spawns a nikto instance to analyze complex web applications where a reverse proxy (or L5 Load Balancer) is used as frontend compound to forward HTTP REQUEST to...
Jul 23rd
Make any Ruby object Rack-friendly with Rackable →
class HelloWorld
  include Rackable
  def get()
    "Hello, world!"
  end
end
run HelloWorld.new
Jul 23rd
CVE-2009-2430: Solaris AuditConfig Privilege... →
Old school hacking through $SHELL: an in-depth analysis of CVE-2009-2430 affecting Solaris 8, 9, 10 (and OpenSolaris as well). Enjoy.
Jul 23rd
arp_sweeper is now part of msf →
arp_sweep is now part of msf trunk. There is a little improvement from hdm, now it really rocks quickly. Stay tuned for my upcoming IPv6 device discovery module.
Jul 22nd
A Structured and Practical Methodology For... →
Any operating system that uses an IP based protocol stack for its networking purposes will have an IP address at its network layer and will rely on its transport layer for reliable or unreliable transportation of the IP datagrams. It is well known that security is not one of the primary components in the initial design specifications IP/TCP/UDP protocol based stack and is vulnerable to classic...
Jul 21st
1 tag
Getting interface addresses with Racket
Here is a quick (but noisy) way to get out of the terrible problem affecting each scripting language: how do I get the eth IP/MAC address? The following example, based on the PacketFu::Utils Singleton, shows you a quick way:
require 'pcaprub'
require 'racket'
def self.whoami?(args={})
  iam = Hash.new
  dst_host = IPAddr.new((rand(16777216) + 2969567232), Socket::AF_INET).to_s
  dst_port =...
Jul 21st
1 tag
Random msf hacks
I just started a new project on Google Code to have a free repository for my random hacks on msf. Check it out here. The first module I developed is for local network discovery. Basically it sends ARP requests to the local network to enumerate alive hosts:
belch@graal:/opt/pt/framework/framework-trunk# ./msfconsole -r ./arp_sweep
_ _ _ _ | | ...
Jul 21st
Jul 6th