My buddy Aamir aka DrChaos.com wrote an interesting post defining what a Rainbow table is, when they are used and why salting passwords makes it hard to use Rainbow tables. The original post can be found HERE.
On the topic of breaking passwords, I often hear security professionals and a few other folks mention Rainbow Tables. I used to think a Rainbow Table was a set of pre-computed (pre-calculated) hashes from passwords…essentially a lookup table where a plaintext’s unencrypted password corresponds to a known hash.
However, this is not a totally accurate definition of a Rainbow Table. In reality, a reverse lookup table allows you to create a second table consisting of the password hash of user accounts. Then you use a Rainbow Table consisting of hashes and guessed passwords to compare the two. You can see if the hashed password of a compromised user account matches a hashed password in the lookup table.
Cyber Arms posted a cool article on how to bypass anti-virus with the new Shellter module in Metasploit. The original post can be found HERE. I covered this topic using a different program in an older post HERE.
Having trouble getting a Meterpreter shell past that pesky AV? Check out the new Shellter 5.1 shellcode injection tool! The latest version of Shellter for pentesters includes a “stealth” mode that retains the functionality of the original host program.
I have been a fan of the gadgets produced by Hak5. For example, you can find a post I wrote on the WiFi Pineapple HERE. I picked up the latest tool from Hak5 known as the LAN Turtle from DEFCON23 and have configured it to auto SSH to a server hosted in the cloud (thanks to Aamir aka DrChaos for the server). This post will cover an overview of the LAN Turtle and how to set up an auto SSH to remotely access the LAN Turtle as well as a cloud folder to easily remove data from a target network.
My buddy Aamir Lakhani from drchaos.com wrote a cool post on how to hide malware inside Adobe PDF files. The original post can be found HERE.
Distributing malware inside Adobe PDF documents is a popular method for attackers to compromise systems. Within the latest versions of Reader, Adobe has added multiple updates to address vulnerabilities. Additionally, Adobe has added a robust software sandbox capability to Reader, which activates if attackers use PDF vulnerabilities to attempt to exploit a system. Due to this sandbox addition, attackers are left with extremely limited and temporary access, restricting what can be accomplished.
My buddy Aamir Lakhani wrote an interesting post on the latest update of OpenVAS 8.0. This is a very useful vulnerability scanner available in Kali Linux. The original post can be found HERE.
Vulnerability scanning is a crucial phase of a penetration test and having an updated vulnerability scanner in your security toolkit can often make a real difference by helping you discover overlooked vulnerable items. For this reason, we’ve manually packaged the latest and newly released OpenVAS 8.0 tool and libraries for Kali Linux. Although nothing major has changed in this release in terms of running the vulnerability scanner, we wanted to give a quick overview on how to get it up and running.
My buddy Aamir Lakhani wrote a cool post on how to create exploits with Metasploit. The original post can be found HERE.
Metasploit has the ability to create an executable payload. This can be extremely useful if you can get a target machine to run the executable. Attackers often use social engineering, phishing, and other attacks to get a victim to run a payload. If attackers can get a victim to run a payload, there is no reason for an attacker to find and exploit vulnerable software.
In order to bring attention to how easily hackers are able to exploit applications, the people at Arxan Technologies have posted a series of videos showing how to hack mobile apps using various open source tools. You can find the videos HERE. Jonathan Carter does a pretty good job going into detail on how the tools work. Check it out.
I have been asked a handful of times about the steps to install Kali Linux on a Raspberry Pi. My buddy Aamir Lakhani and I went through the installation process a million times with different models to develop our best practices for the installation process. This post will cover a very short summary of how to install Kali Linux on a model B+ Raspberry Pi. The full details as well as many other Raspberry Pi penetration testing use cases can be found in our book HERE.