Month: November 2017

METASPLOIT TUTORIALS

Metasploit MinRID Option

We’ve added a new option to the smb_lookupsid Metasploit module. You can now specify your starting RID. Wait, What Does This Module Do Again? As a penetration tester, one of the first things I try to do on an internal network is enumerate all of the domain users so that I can perform login attacks against them. It would be a noteworthy risk if we could do that anonymously, because that means that any malicious actor who can connect to an affected system can…

TUTORIALS

AutoIt Scripting Used By Overlay Malware to Bypass AV Detection

IBM’s X-Force Research team reports hackers attacking Brazilian banks are using the Windows scripting tool called AutoIt to install a remote access Trojan (RAT) capable of hijacking browser-based banking sessions. The use of AutoIt, researchers said, reduces the likelihood of antivirus detection. Attackers are often able to sidestep AV by using an AutoIt script to compile malicious code and run it as a valid AutoIt framework process.…

TUTORIALS

Kali Linux on AWS

Every organization should have a security policy designed to fit its needs based on risks, threats, regulations and the value of the information it wants to protect. Part of such a security policy should encompass vulnerability management and testing. More substantial and more security minded businesses often also perform regular penetration tests to identify vulnerabilities in their systems that go beyond the reach of standard vulnerability scanners. When it comes to penetration testing, Offensive Security’s Kali Linux is the most widely used toolset in…

TUTORIALS

IoT is Insecure, Get Over It! Say Researchers

BOSTON—Noted security experts Charlie Miller and Chris Valasek said the Internet of Things can’t be secure, but it can be tamed. Drawing from their car hacking experience, the two spent the morning contemplating the larger universe of IoT security and conceded that there will always be thousands of connected devices that will never be secure, and that industry should prioritize personal safety and the security of automobiles and medical devices, for example, over toothbrushes and door locks.…

TUTORIALS

US-CERT Warns of Crypto Bugs in IEEE Standard

Recent academic work focused on weak cryptographic protections in the implementation of the IEEE P1735 standard has been escalated to an alert published Friday by the Department of Homeland Security. DHS’ US-CERT warned the IEEE P1735 standard for encrypting electronic-design intellectual property and the management of access rights for such IP is flawed.…

METASPLOIT TUTORIALS

Testing Developer Security with Metasploit Pro Task Chains

In this modern age, technology continues to make inroads into all sorts of industries. Everything from smartphones to late-model automobiles to internet-connected toasters requires software to operate, and this proliferation of software has brought along gaggles of software developers with their tools-of-the-trade. All this technology —not to mention the people utilizing it— can result in an increased attack surface for organizations doing software development. In this blog post, we’ll explore how to use a custom resource script in a Metasploit Pro task chain to…

METASPLOIT TUTORIALS

Testing SMB Security with Metasploit Pro Task Chains: Part 2

This is part two of our blog series on testing SMB security with Metasploit Pro. In the previous post, we explained how to use Metasploit Pro’s Task Chains feature to audit SMB passwords automatically. Read it here if you haven’t already. In today’s blog post, we will talk about how to use a custom resource script in a Task Chain to automatically find some publicly-known high-profile vulnerabilities in SMB. Publicly-known exploits are something no one should underestimate: most network breaches arise from compromise due…