6 min
IT Ops
Mobile Apps: 6 Steps to A Wealth of Untapped Data
With mobile technology becoming a bigger part of many companies’ front end
coverage, it makes sense to ensure that you are getting a good return on your
investment by delivering a high quality app that works for your users.
With this in mind we are excited to announce the release of our iOS and Android
libraries . When used in conjunction
with our JavaScript library, these will give you coverage over virtually your
whole front end.
Mobile adoption for U
3 min
IT Ops
An Inflection Point for Mobile Devices & App Monitoring
You may not have noticed, but history has unfolded before our very eyes in the
past few months, with mobile device sales expected to outpace those of the
traditional laptops for the first time (at least according to IDC research last
September ).
To shed some light on the expected pace of change, by 2017 it’s anticipated that
87% of the worldwide smart connected device market will be tablets and
smartphones, with PCs (both desktop and lapt
4 min
Let's Talk About Your Security Breach with Metasploit. Literally. In Real Time.
During a recent business trip in Boston, Tod and I
sat down in a bar with the rest of the Metasploit team, and shared our own
random alcohol-driven ideas on Metasploit hacking. At one point we started
talking about hacking webcams. At that time Metasploit could only list webcams,
take a snapshot, stream
(without sound),
or record audio
4 min
Exploits
Weekly Metasploit Update: Feb. 13, 2014
Android WebView Exploit, 70% Devices Vulnerable
This week, the biggest news I think we have is the release this week of Joe
Vennix and Josh @jduck Drake's hot new/old Android WebView exploit. I've been
running it for the last day or so out on the Internet, with attractive posters
around the Rapid7 offices (as seen here) in an attempt to pwn something good.
I've popped a couple shells, I guess I didn't make my QR Code attractive enough.
Seriously, though, this vulnerability is kind of a huge d
3 min
Microsoft
Patch Tuesday - February 2014, also, say "buh-bye" to MD5
This was a fairly novel Patch Tuesday (calling it interesting might be too
strong a word for Patch Tuesday, unless you work in vulnerability management and
geek out on these things - in which case, I thought it was interesting).
At first take, it looked like Microsoft would continue the 2014 trend of keeping
patch Tuesday relatively light. There were only 5 advisories this month, two
critical, three important. Emphasis is on the past tense.
Monday morning, Microsoft updated the advance no
1 min
Penetration Testing
Your PenTest Tools Arsenal
When it comes to information security, one of the major problems is setting up
your PenTest Tools Arsenal. The truth is, there are too many tools out there and
it would take forever to try half of them to see if one fits your needs. Over
the years, there have been some well established tools released that most of
security professionals use currently, but that doesn't mean that are not unknown
yet still very good pentesting tools that are not as popular.
I wanted to make a list of the pentest to
3 min
Leveraging the power of Metasploit's resource scripts
As a pentester for Rapid7 I use Metasploit a lot. I think one of the most
overlooked features in Metasploit is the ability to create resource scripts.
What are resource scripts you ask? “A resource file is essentially a batch
script for Metasploit; using these files you can automate common tasks – H.D.
Moore.”
There are several resource scripts included with Metasploit, one of which is
port_cleaner. If you're like me you have had times when, after importing NMAP
scan data, a bunch of cruft fo
3 min
Metasploit
Weekly Metasploit Update: ADSI support and MSFTidy for sanity
Meterpreter ADSI support
We ended up skipping last week's update since upwards of 90% of Rapid7 folks
were Shanghaied up to Boston, in the dead of winter, with only
expense-reportable booze too keep us warm at night. So, with much fanfare comes
this week's update, featuring the all new ADSI interface for Meterpreter, via OJ
TheColonial Reeves' Extended API.
Lucky for us, and you, Carlos DarkOperator
Perez was not ensconced i
3 min
Pwn Faster with Metasploit's Multi-Host Check Command
One of the most popular requests I've received from professional penetration
testers is that they often need to be able to break into a network as fast as
possible, and as many as possible during an engagement. While Metasploit Pro or
even the community edition already gives you a significant advantage in speed
and efficiency, there is still quite a large group of hardcore Framework users
out there, so we do whatever we can to improve everybody's hacking experience. A
new trick we'd like to in
7 min
Exploitable vulnerabilities #1 (MS08-067)
Description
In November of 2003 Microsoft standardized its patch release cycle. By releasing
its patches on the second Tuesday of every month Microsoft hoped to address
issues that were the result of patches being release in a non uniform fashion.
This effort has become known as Patch-Tuesday. From the implementation of
Patch-Tuesday (November, 2003) until December, 2008 Microsoft released a total
of 10 patches that were not release on a Patch-Tuesday also known as
“out-of-band” patches. The 10t
2 min
IT Ops
How to Monitor the Health of Your Application and Infrastructure With the Same Solution
With an attractive total cost of ownership of cloud-based solutions versus
on-premise solutions, a highly flexible nature and the ability to scale up
rapidly, there has been a steady increase in companies moving infrastructure out
of racks and into the cloud.
As more companies move their mission critical systems out of their physical
control to these cloud-based solutions, it only makes sense that their
application and machine generated logs are even more important than ever before.
With that
5 min
Metasploit
Making Your Printer Say "Feed Me a Kitten" and Also Exfiltrate Sensitive Data
As of this last release, PJL
(HP's Printer Job Language)
is now a grown-up Rex::Proto protocol! Since extending a protocol in Metasploit
is beyond the scope of this post, we'll just be covering how to use the PoC
modules included with the new protocol. Feel free to dig around in
lib/rex/proto/pjl*, though!
Okay, let's get started!
printer_version_info
First off, we have printer_version_info. This module lets us scan a range of
hosts for pri
3 min
Metasploit
Weekly Metasploit Update: Talking PJL With Printers
Abusing Printers with PJL
This week's release features a half dozen new modules that seek out printers
that talk the Print Job Language (PJL) for use and abuse. Huge thanks to our
newest full time Metasploit trouble maker, William Vu
.
As a penetration tester, you probably already know that office printers
represent tasty targets. Like most hardware with embedded systems, they rarely,
if ever, get patches. They don't often have very serious security controls
2 min
IT Ops
Amazon S3 Archiving...You asked, we delivered!
One thing we like to think we do well here at Logentries is listen to our
global
user base ! Something that a lot of you have asked
for recently is log archiving. Ask and you shall receive – we have now opened a
Beta for archiving to Amazon S3. So you can be safe in the knowledge that your
log files will be archived safely every night to a reliable storage facility
should you ever need them in the future. You can also be sure that any
compliance or PCI requirements
3 min
News on the Embedded Systems Land
Last year we worked hard to improve the embedded devices capabilities available
on Metasploit collaborating with awesome guys like m-1-k-3
to add new modules and capabilities
, collaborating
and conducting research
like in the IPMI related
work by HD Moore , or shari