All Posts

3 min Nexpose

Introducing Nexpose 5.5 - CIS, USGCB 2, Enhanced Reporting, and Data Scalability

For those of you that don't know me, I head up the Nexpose engineering team, and we are excited to introduce the latest release, Nexpose 5.5. This release focuses on meeting three big needs that we've heard about from our customers. The first is configuration assessment. This is a big deal for organizations that are subject to regulatory or internal standards that require confirmation of specific configurations of IT assets, such as USGCB 2.0. For those organizations, proving compliance is pain

2 min

Metasploit Hits 1000 Exploits

Along with today's 4.5 release, Metasploit hit a thousand exploits. So, what does that mean? Well, let's take a look, historically. When Metasploit 1.0 was released on October 6, 2003, it boasted all of 11 exploits, according to this mailing list post. Now, this is 9 years ago, so an announcement on a mailing list of more than one exploit was pretty novel, and "a ton

15 min Malware

Skynet, a Tor-powered botnet straight from Reddit

While wandering through the dark alleys of the Internet we encountered an unusual malware artifact, something that we never observed before that gave us fun while we meticulously dissected it until late at night. The more we spent time looking at it, the more it started to look unusually familiar. As a matter of fact it turned out to be the exact same botnet that an audacious Reddit user of possible German origin named “throwaway236236” described in a very popular I Am A thread you can read here

2 min

What would Trinity do with Kingcope's SSH 0day?

Citizens of the Matrix, Today, I'd like to inform you that there is a Tectia SSH 0day vulnerability discovered by security researcher "Kingcope"... or really, we suspect his real name is Mr. Thomas Anderson. The vulnerability itself allows any remote user to bypass login if a USERAUTH CHANGE REQUEST is sent before password authentication, and then gain access as root. Please note as of now, there is no official patc

2 min

A New Look for Rapid7

Today we unveiled a new logo, website and brand identity for Rapid7. We didn't make a subtle change, as many companies do. We purposefully made sweeping changes because we don't like to do anything halfway. Yet our new brand bridges our history and our future. Our company was founded upon a simple premise: IT security is a complex challenge, but the solutions designed to address it shouldn't be. We believed then, and we believe now, that IT security solutions should make your work easier, mo

2 min Metasploit

Weekly Metasploit Update: OpenVAS, SAP, NetIQ, and More!

Now that I've consumed a significant percentage of my own weight in turkey (seriously, it was something like five percent), it's time to shake off the tryptophan and get this week's update out the door. Attacking Security Infrastructure: OpenVAS This week's update features three new modules for bruteforcing three different OpenVAS authentication mechanisms, all provided by community contributor Vlatko @k0st Kosturjak. OpenVAS is an open source security management stac

2 min IT Ops

Getting terminal colors right

As a part of our work on ANSI escape code coloring, I looked in detail at default colors used in different command line terminals. It appears from the Wikipedia article that colors are set at their brightest level with minor variances across implementations: Adapting these color schemes gives the result as in the following picture: If you try to read the te

2 min Metasploit

Weekly Metasploit Update: Web Libs, SAP, ZDI, and More!

Fresh Web Libs As we head into the holiday season here in the U.S., Metasploit core developers Tasos @Zap0tek Laskos and James @Egyp7 Lee finished up a refresh of the Metasploit fork of the Anemone libraries, which is what we use for basic web spidering. You can read up on it here. The Metasploit fork isn't too far off of Chris Kite's mainline distribution, but does account for Metasploit's Rex sockets, ad

18 min

New 0day Exploits: Novell File Reporter Vulnerabilities

Today, we present to you several new vulnerabilities discovered in Novell File Reporter 1.0.2, which "helps organizations more effectively manage network storage by providing administrators the ability to access comprehensive network storage information so that they can determine the best means of addressing their storage content". Following our standard disclosure policy, we notified both Novell and CERT. Vulnerabilities Summary The four vulnerabilities presented have been found in the same co

4 min Metasploit

Weekly Metasploit Update: WinRM x2, ADDP, RealPort, CI and BDD

WinRM, Part Two In the last Metasploit update blog post, we talked about the work from Metasploit core contributors @TheLightCosine, @mubix and @_sinn3r on leveraging WinRM / WinRS. As of this update, Metasploit users can now execute WQL queries, execute commands, an

1 min IT Ops

Feature requests

There are so many things we can do with logs. We have a pile of new ideas on how to make Logentries better and we spend time implementing these every single day. We also collect feature requests from you, our lovely users. But we want to do more – we want to include you in the whole process of future development. We are happy to announce our Feature requests page, a page that enables you to add new feature requests, vote on them, and add comments with more details. Access the page from the sideb

6 min Metasploit

Abusing Windows Remote Management (WinRM) with Metasploit

Late one night at Derbycon, Mubix and I were discussing various techniques of mass ownage. When Mubix told me about the WinRM service, I wondered: "Why don't we have any Metasploit modules for this yet?" After I got back, I began digging. WinRM/WinRS WinRM is a remote management service for Windows that is installed but not enabled by default in Windows XP and higher versions, but you can install it on older operating systems as well. Win

1 min Career Development

Rapid7 Is a Boston Globe Top Place to Work...Again!

I'm very happy to announce that Rapid7 has placed #13 on the Boston Globe's Top Places to Work 2012. It's our second consecutive year on the Globe's list, and thanks to our phenomenal growth, this year we hopped over from the small business category to the mid-sized category. We've expanded our numbers 50% already this year and just reported our 14th consecutive record quarter

3 min Metasploit

Weekly Metasploit Update: WinRM Part One, Exploiting Metasploit, and More!

WinRM Exploit Library For the last couple weeks, Metasploit core contributor David @TheLightCosine Maloney has been diving into Microsoft's WinRM services with @mubix and @_sinn3r. Until these guys started talking about it, I'd never heard of WinRM. If you're also not in the Windows support world day-to-day, you can read up on it at Microsoft

2 min Metasploit

Weekly Metasploit Update: Microsoft Windows and SQL, TurboFTP, and More!

AppSecUSA 2012 Last week was AppSecUSA 2012 here in Austin, which may explain the curious absence of a weekly Metasploit Update blog post. The highlights of Appsec for me were (in no particular order): Meeting Raphael @ArmitageHacker Mudge in person for the first time, meeting Scott @_nullbind Sutherland, author of a bunch of recent Microsoft SQL post modules, and both of whom happened to contribute to last week's Metasploit upda