Archive for category /dev/urandom

Team metasploit and msfgui on Windows

First, in answer to a common question, the new msfgui can be run on Windows if Java is installed by double-clicking (starting in your program files directory) \Metasploit\Framework3\msf3\data\gui\msfgui.jar so make a shortcut to that and place it on your desktop. Next think about the fact that Metasploit has more features and runs with less memory […]

Leave a comment

Screwing with Nmap

It is always interesting to me to see what defense can be put up against tools used by attackers/pen testers. I don’t believe there are any public exploits against Nmap (Secunia is not aware of any at least) and I doubt I could find a useful one against a basic scan. On the other hand, […]

Leave a comment

PXE exploitation

Update 2: See the latest, including the Defcon talk at my new blog: http://www.scriptjunkie.us/2011/08/network-nightmare/ Update: This complete attack, including the DHCP server, has been incorporated into Metasploit. Update and enjoy. The module is auxiliary/server/pxexploit PXE booting has been around for over a decade and is supported by most system BIOSs. And I have also seen […]

2 Comments

Sessionthief

Another little project I put together a couple of years ago is sessionthief. When I need to quickly demonstrate the insecurity of open wireless networks, this is my first choice, as it has the ability to immediately hack into most websites another user on the same LAN is logged into. It performs HTTP session cloning […]

8 Comments

XSS, no really

XSS tends to get the eyeroll treatment from security pros since a) it’s everywhere. 2 min of looking for an example on the GOP website, and tada: http://www.gopstore.com/cgi-bin/rnc/scan/st=db/co=yes/sf=prod_group/se=stick%3Cimg%20src=0%20onerror=%22alert%281%29%22%20%3Eer/op=eq/tf=description/ml=12/sp=1stickers.html b) your 8-year-old kid can find it after about 2 minutes of instruction c) it doesn’t give you a shell (directly) But it still works. And it […]

Leave a comment

Security advice

Great post from rsnake; pointing out a Microsoft Research paper (So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users ) on how security advice often does more harm than good. http://ha.ckers.org/blog/20100317/effectiveness-of-user-training-and-security-products-in-general/ I have always disagreed with password policies. There is no gain to most strict password policies over […]

, ,

Leave a comment

Google Update

If you have installed Google Chrome, or maybe Google Desktop or Google’s toolbar, you might be surprised that you have a new Firefox addon, named “Google Update”. And just like Microsoft’s loveable addon, the Google Update addon opens a hole you probably don’t want opened. Unable to find much documentation on the addon, I did […]

, , ,

Leave a comment