Like msfvenom? Here's A Faster Way to Generate Stand-alone Metasploit Payloads
Part of the Metasploit Framework, msfvenom is a command-line tool that helps
penetration testers generate stand-alone payloads to run on compromised machines
to get remote access to the system. Msfvenom is a combination of two other
Metasploit Framework tools, Msfpayload and Msfencode, which generate and encode
payloads respectively.
Even if you have used Msfvenom before, chances are that you need to look up the
tool's documentation every time you want to generate a payload. Msfvenom is a

IT Ops
5 Great Blogs for DevOps
If you are a DevOps professional looking to get more involved or further your
learning, or just looking for some entertaining, insightful content, we wanted
to put together a list of 5 great blogs for DevOps. And we know we missed some,
so feel free to comment and share what other blogs should be on here!
A few great blogs that we think you might find valuable:
1. ContinuousDelivery.com – Dave Farley and Jez Humble run this site. Jez is a
principal consult

Driving Risk Reduction through RealContext™ in Nexpose 5.9
We are pleased to announce the next major release of Nexpose, version 5.9. This
release focuses on reducing the risk that matters to your business, quickly and
efficiently.
Business Context?
One of the biggest failings of the security industry so far is that it has
failed to successfully tie the knowledge and the needs of the business to the
overall risk landscape. Every organization has different thoughts and needs
around how they prioritize risk, what they deem fundamentally important, and h

Tarpits. A Nexpose Killer?
In the challenge of network security there are many great tools at your
disposal. Some of these tools are the IDS/IPS and firewall. An IDS will detect
an attack and relay the info to the IPS, which will help prevent it. Firewalls
generally block stuff (IP or port related), and also tend to have some basic
IDS/IPS functionality.
What is a Tarpit?
A tarpit is a service, generally found on IDS/IPS and firewalls as well as
servers, that delays or shrouds incoming connections. Basically when port
scanning,

IT Ops
Synchronizing Clocks In a Cassandra Cluster Pt. 2 - Solutions
This is the second part of a two-part series. Before you read this, you should
go back and read the original article, “Synchronizing Clocks In a Cassandra
Cluster Pt. 1 – The Problem.” In it, I covered how important clocks are and how
bad clocks can be in virtualized systems (like Amazon EC2) today. In today’s
installment, I’m going to cover some disadvantages of off-the-shelf NTP
installations, and how to overcome them. C

Debugging Metasploit modules with pry-debugger
Pentester Pete here again. It's nice to see y'all and thanks for coming back.
Have you ever had those times when you're developing, updating, or when a
Metasploit module throws a backtrace on ya, and you're scratching your head
asking yourself, “why me, what's going on”? Well, I hope this blog will get you
through those moments with as little pain as possible. That's right, in this
blog we'll cry, laugh, a

IT Ops
Synchronizing Clocks In a Cassandra Cluster Pt. 1 - The Problem
Cassandra is a highly distributable NoSQL database with tunable consistency.
What makes it highly distributable also makes it, in part, vulnerable: the
whole deployment must run on synchronized clocks. It’s quite surprising that,
given how crucial this is, it is not covered sufficiently in the literature.
And, if it is, it simply refers to installation of an NTP daemon on each node
which – if followed blindly – leads to really bad consequences. You will find
blog post

Apple
Metasploit Weekly Update: There's a Bug In Your Brain
Running Malicious Code in Safari
The most fun module this week, in my humble opinion, is from Rapid7's own
Javascript Dementor, Joe Vennix. Joe wrote up this crafty implementation of a
Safari User-Assisted Download and Run Attack, which is not technically a
vulnerability or a bug or anything -- it's a feature that ends up being a kind
of a huge risk. Here's how it goes:

Microsoft
Patch Tuesday - March 2014
Microsoft's March Patch Tuesday again came in on the lighter side of some
months. This continues the 2014 trend of smaller Patch Tuesdays. We only see 2
issues that are critical/remote code execution, one of which is the usual IE
(MS14-012), the other is an issue in the DirectShow libraries (MS14-013) which
affects most versions of Windows from XP up to 8.1/2012r2. These two are where
we should focus our patching efforts.
Of the 18 CVEs addressed in MS14-012, one is known to be in limit

IT Ops
DevOps: Vagrant with Chef-Server
In my last blog post, The DevOps Tools We Use & How We Use Them, I talked about
how we use Chef with Vagrant for managing, maintaining and monitoring our
servers. (If you haven’t read it yet, I suggest you have a quick look at it for
reference.) This is great for a development environment where you spin up
servers locally in VirtualBox, however it doesn’t help much when trying to
maint

Open Source
Metasploit Weekly Update: On Breaking (and Fixing!) Security Software
Attacking Security Infrastructure
This week, one module stands out for me: the Symantec Endpoint Protection
Manager Remote Command Execution by xistence, who built on the proof-of-concept
code from Chris Graham, who turned that out after Stefan Viehbock's disclosure
from last week. You can read the full disclosure text from SEC Consult
Vulnerability Lab, and get an idea of the s

IT Ops
How To Run Rsyslog in a Docker Container for Logging
I’ve been playing around with Docker this morning (read as I have followed
their 15 min tutorial and have installed it on an Ubuntu instance – so I’m not
quite the expert yet). I was initially interested in figuring out what log
management looks like for any Docker users out there.
From first look, Docker has a “logs” command that will fetch the logs from a
container. You can run this via the docker daemon and it will captu

Metasploit
Weekly Metasploit Update: Encoding-Fu, New Powershell Payload, Bug Fixes
I Got 99 Problems but a Limited Charset Ain't One
In this week's Metasploit weekly update, we begin with OJ TheColonial Reeves'
new optimized sub encoding module (opt_sub.rb). As the name implies, this
encoder takes advantage of the SUB assembly instruction to encode a payload
with printable characters that are file path friendly. Encoders like this are
incredibly useful for developing a memory corruption exploit that triggers a
file path buffer overflow, where

IT Ops
Real User Monitoring: I Need Insight And I Need It Now
In the past it was assumed that the web-based interface was the most important,
and often the only, path for a user to access content or a product. But those
days are gone and now companies must embrace supporting multiple interfaces on
different platforms in order to satisfy their users. With customers looking to
use a mix of clients, with the most common being Web, iOS, Android and Windows
Phones, companies need to invest in optimizing for these channels and, hence,
protecting their investment

Exploits
Metasploit Weekly Update: Video Chat, Meterpreter Building, and a Fresh MediaWiki Exploit
"It's Like Chat Roulette for Hackers"
The coolest thing this week... wait, let me start again.
The coolest thing this year is Wei sinn3r Chen's brand new amazesauce, humbly
named webcam_chat. I know he just posted all about it yesterday, but I just
want to reiterate how useful and hilarious this piece of post-exploit kit
really is.
First off, it's entirely peer-to-peer. The communicati