Setting up a pen-testing lab-in-a-box
So, I got my hands on a handy, used Dell Latitude 620 with 2GB RAM for next to nothing. I’m looking for something to do with it… How about, set up a penetration testing platform complete with: safe,...
Decrypting files using OpenSSL
Background I’m playing with one of the De-ICE pen-testing CDs, and I came across a file that was encrypted. The problem is, I don’t know: The cipher used to encrypt the file The password used Whether...
Yet Another Netcat Introduction
Howdy folks! Episode 195 of PaulDotCom Security Weekly prompted me to revisit an old favorite, netcat (many netcat versions exist). On the episode, Ed Skoudis provided an excellent technical segment on...
Creating a bootable USB thumb drive
I want to get started with BackTrack 4 R2 (BT4R2) on a dedicated laptop. But I don’t think I can burn a DVD reliably, so I need another method. Solution - Bootable USB Thumb Drive This solution may...
Karmetasploit on BT4R2
Purpose The purpose of this post is to provide quick guidance on getting Karmetasploit running on BT4R2 for my specific environment. These steps may work for you, but this post is intended, primarily,...
Fix screen resolution for BackTrack VM under VirtualBox
Revisions: 20110521 - Revised to show the fix for BT5 On BT5 The following worked with no fuss: # Xorg -configure # cp /root/xorg.conf.new /etc/X11/xorg.conf # startx And that’s it! On BT4 Note to...
Tutorial – remote buffer overflow identification and exploitation
Authors Hakuza and Mooky Purpose This tutorial provides a step-by-step walk-through of the identification of a remotely accessible buffer overflow, information gathering, and the development of a...
Metasploit module creation
My friend Daniel “Mooky” Robertson provided this brief tutorial on Metasploit module creation. Rather than incorporating it into the remote buffer overflow tutorial, his work deserves its own,...
SCADA, DCS, and air gaps
When most people talk about SCADA, they are generally including a whole lot of stuff that is not SCADA. In general, true SCADA systems are and must be connected in some way. This is generally because...
Hands On: Redundant firewalls using CARP and pfsync on OpenBSD 5.0
I recently completed reading the pf FAQ on the OpenBSD website. I have been doing quite a bit of playing around and thought I would document the testing I performed on creating a redundant firewall...