Metasploit

mettle your ios with frida

For a long time I have wondered about getting Meterpreter running on an iOS device using Frida. It wasn’t until I had a Twitter conversation with @timwr that I was reminded of Mettle. It was finally time to give it a try. I built an objection plugin that would load it for you, which you can find here. My talk at DEF CON 27 mainly covered some ideas on how…

USaBUSe Linux updates

(If you’re new to this project, read the intro first) For the past few months, I’ve been working on porting the USaBUSe stack from the custom hardware (AVR+ESP8266) to the Linux USB gadget stack. I wanted to make the techniques more accessible to people unfamiliar with embedded development, and I also wanted to take advantage of the variety of possibilities inherent in having a fully featured Linux environment to work…

Windows Domain Privilege Escalation : Implementing PSLoggedOn in Metasploit (+ a bonus history module)

There are multiple paths one could take to getting Domain Admin on a Microsoft Windows Active Directory Domain. One common method for achieving this is to start by finding a system where a privileged domain account, such as a domain admin, is logged into or has recently been logged into. Once access to this system has been gained, either stealing their security tokens (à la Incognito or pass-the-hash attacks) or querying…

Solution for the 44Con Challenge

Last week, we published our 44Con “SillySIP” Challenge for free entry to our BlackOps training course at the 44Con conference this year. We’d like to thank all those who attempted this challenge. $queue->add($beatbox_drumroll); The winner, who responded with the first correct answer, is Ben Campbell. As a result, he gets to hang out with our trainers on a free BlackOps training course. Congratulations Ben! We look forward to meeting you…

44Con Challenge

In a similar fashion to the BlackHat challenge held earlier this year, we’re giving away a free ticket to our BlackOps course at this year’s 44Con. As a penetration tester, knowledge of an issue is not enough when one needs to demonstrate risk to a client. Furthermore, when large numbers of potential targets are involved, it becomes crucial that effective attacks are packaged and automated to allow for mass-pwnage. During an…