3 min
Metasploit Weekly Update: Blinding Defenders by Poking at Wireshark
The Wireshark DoS Module
This week, we have an interesting new module from Metasploit community
contributor JoseMi , which exercises a (seeming)
denial-of-service (DoS) condition in a Wireshark dissector responsible for
decoding CAPWAP packets. No, I've never heard of CAPWAP either, but Wikipedia's
article , now I'm an expert! At any rate,
it's not a protocol that you would expect to find really anywhere, given that
no
real wir
2 min
Becoming a Metasploit Pro Specialist
(This guest blog comes to us from Louis Sanchez, a Network Systems Specialist
that is employed at a Cancer Center in the North East)
In late February of this year, I was presented with the opportunity to
participate in the new Metasploit Pro Specialist certification pilot. The goal
of this new certification was to provide the training required to have a
proficient understanding of Metasploit Pro
. By providing a baseline
of knowledge require
4 min
Emergent Threat Response
Managing the Impact of the Ebay Breach on You and Your Company
eBay announced
earlier today that they were the victims of an attack that compromised the email
address, encrypted password, physical address, phone number and date of birth of
eBay customers. It's important to note that the company indicated that they
have not detected any fraudulent network activity and that credit card
information was not taken.
Breached Credentials #1 Attack Vector and #1 Most Commonly Sold Information on
Bl
2 min
IT Ops
Our Favorite Linux Performance Monitoring Tools
As a part of monitoring and troubleshooting our system and applications, we
often need to get a quick snapshot of information about the status of our
server. This usually means SSHing into a server and running certain commands to
get to the information we need. I wanted to share a quick overview of my top 5
commands to get a snapshot of this server information.
htop
htop is an ncurses-based interactive process viewer for Linux. It gives
information about the CPU utiliz
5 min
Vulnerability Disclosure
R7-2014-01, R7-2014-02, R7-2014-03 Disclosures: Exposure of Critical Information Via SNMP Public Community String
Summary of Vulnerabilities
This report details three critical information disclosure vulnerabilities. The
vulnerabilities were discovered while Matthew Kienow and I (Deral Heiland
) were researching information disclosure issues
in SNMP on embedded appliances for a talk
at CarolinaCon
. During this research project, most devices
exposed information that would be classified as benign or pub
3 min
Microsoft
Patch Tuesday, May 2014 - Lots going on
There is a lot going on in the updates from Microsoft this month, including some
very interesting and long time coming changes. Also, it's the highest volume of
advisories so far this year, with eight dropping on us, two of which are
labelled as critical.
How to describe the patching priority is going to be very subjective. Microsoft
has identified three of these advisories: MS14-024, MS14-025, & MS14-029, the IE
patch as priority 1 patching concerns. Interestingly MS14-029 which is the
update
2 min
Goodnight, BrowserScan
The BrowserScan concept emerged during the
heyday of Java zero-day exploits in 2012. The risk posed by out-of-date browser
addons, especially Java and Flash, was a critical issue for our customers and
the greater security community. The process of scanning each desktop for
outdated plugins was something that many firms couldn't do easily. BrowserScan
helped these firms gather macro-level exposure data about their desktop systems,
providing a quick health-check o
5 min
Exploits
Oracular Spectacular
Nexpose version 5.9.10 includes significant improvements to its Oracle Database
fingerprinting and vulnerability coverage. When configured with appropriate
database credentials, Nexpose scans can accurately identify which patches have
been applied. This post will go through the steps for setting up such a scan, as
well as discuss some of the finer details about Oracle's versioning scheme and
the terminology around their quarterly Critical Patch Update program.
Scanning Oracle Databases with Nex
4 min
Authentication
ControlsInsight: A step-by-step approach to troubleshoot missing assets
ControlsInsight retrieves data from Nexpose, so it is important to make sure
that the site is properly configured. In this blog post, we will go through a
step-by-step procedure of setting up a site configuration that will enable
ControlsInsight to report on all Windows assets. We will also go through a
scenario to troubleshoot why an asset did not make it into ControlsInsight.
Step 1: Things we need
* The list of assets to be scanned either by IP range or hostnames *
ControlsInsight c
2 min
IT Ops
Using D3.js to Graph Your Log Data
At Logentries, we use the open-source D3.js visualization library for a number
of our graphs, including our recently released Insights feature
. In a nutshell, D3 allows you
to efficiently manipulate documents based on data with minimal overhead. While
it could in fact be used for all types of DOM manipulation that you might do
with jQuery instead for example, we have used it purely for its graphing
functionality.
One of the reasons we chose D3 i
1 min
Metasploit
2014 Metasploit T-Shirt Design Contest
Hey Hacker-Designers!
Remember about this time last year, we kicked off the Metasploit T-Shirt design
contest
to
commemorate our shipping of 1,000 exploits and Metasploit's 10th Anniversary?
Turns out, we had so many good designs
and so much fun with that that
we're doing it again this year. So let's see, what reason can we contrive this
year...
We have 1,294 exploits now
2 min
Metasploit
Federal Friday - 4.25.14 - A Whole Lot of Oops
Happy Friday, Federal friends! I hope all of you enjoyed some nice family time
over the respective holidays last week. After a successful Marathon Monday here
in Boston we're blessed with chirping birds and blooming flowers (finally)!
As you all probably know by now, Verizon released their latest DBIR
report earlier this week. While this report covered a wide range of topics in
regards to breaches, I
2 min
IT Ops
Log Aggregation & Grouping in 3 Clicks
With the introduction of a centralized,aggregated view of your logs
, we enabled our users to see
their entire stack in one view and to quickly correlate different logs together.
This log aggregation viewpoint provides much deeper insight into what is
occurring across your logs from various sources.
We thought that the Log Aggregation View was pretty cool, so we are very excited
to launch log Groups which add even more flexibility to save and moni
2 min
Metasploit
Hacker's Dome: An Online Capture-the-Flag (CTF) Competition on May 17
Many folks ask me how you can get started as a penetration tester. Save for a
real-life penetration test, capture-the-flag (CTF) competitions are probably the
most effective ways for you to hone your offensive security skills. What's best:
they're a ton of fun, even for experienced pentesters. The folks over at
CTF365.com have put together a one-off CTF called
Hacker's Dome, which will start on May 17th and run for 48 hours, so save the
date.
Hacker's Dome - First Bloo
1 min
IT Ops
Customer Success: Sending your CoreOS data to Logentries
We love sharing cool stories straight from our customers about how they are
using logs to solve problems. This one is from Matthias Kadenbach (@mkadenbach)
who was using CoreOS with multiple Docker containers on Google Compute Engine
and not sure how to log from CoreOS to remote destinations.
CoreOS is a stripped down version of Linux (Chrome OS) that has no package
manager. This basically means no build-essentials are included with the OS,
which makes it impossible to download and build the L