Saturday, January 30th, 2010 This is just a quick example of how you can quickly and easily modify the HOSTS file on a compromised Windows system using the meterpreter script called hostsedit. As always, we start off with a basic exploit to gain a meterpreter session back from the victim's machine:msf > use windows/smb/ms08_067_netapi
msf ...
Posted in Internet, Privacy, Security, Windows | 1 Comment
Saturday, January 30th, 2010 Here's a quick example of grabbing a screenshot of a compromised system using meterpreter's espia module. Start with a basic exploit to gain a meterpreter session. You'll need to make sure you migrate to a process that has access to Active Desktop or else you will get nothing but blank ...
Posted in Internet, Networking, Privacy, Security | 1 Comment
Saturday, January 30th, 2010 I just wanted to show a quick example of using Incognito to impersonate user tokens on a compromised system. You can think of tokens as a web "cookie" which is just an object that holds your security information for the entire login process so that you don't have to re-authenticate ...
Posted in Internet, Networking, Privacy, Security, Windows | 2 Comments
Friday, January 29th, 2010 Google has recently launched an "experimental new incentive" that could reward security researchers for their bugs in the Chrome browser (all versions - stable, beta, and dev) or in the open source Chromium project itself. Their base reward is identical to Mozilla's at $500, but they are offering a higher ...
Posted in Internet, Security, Software | No Comments
Thursday, January 28th, 2010 This is a tool for security researchers. It allows you to search for either an IP address or a DNS name and display all associated domain names known to Bing.Download:
http://bingprobe.codeplex.com/
Posted in Internet, Networking, Privacy, Software | No Comments
