Common Exploits - Exploitation Tools & Techniques For Penetration Testers

10th August 2011

Metasploit Book Review

I have just finished the new Metasploit: The Penetration Tester’s Guide book and thought would share my thoughts on this. I am not really a big fan of reading books, I tend to play about and work things out myself but I had to order this book the second I see it as Metasploit is a […]

0
0
1
0
0
1shares

Read

1st April 2011

Metasploit April Fools

Very funny to see this when updated and logged in today to Metasploit..Good to see they have a sense of humor!

0
0
0
0
0
0shares

Read

4th December 2010

Common Exploits Goes Mobile!

Yes you can now view common exploits with ease on your smart phone devices. It will auto detect and display a much more friendly version to your mobile device. Most pen testers are often travelling over the place to clients and a perfect way to view on your mobile. Hope you like it.

0
0
0
0
0
0shares

Read

28th November 2010

Armitage – Metasploit Free Management GUI

I came across something very cool today for Metasploit. Armitage has released a very nice gui management system to control Metasploit and make life easier to manage to exploit systems. Although I like to use non gui products, this is really something good and is like an open source Core Impact style system. It allows […]

0
0
0
0
0
0shares

Read

26th November 2010

Impersonating The Domain Administrator via SQL Server

A recent presentation I gave for 7Safe. It demonstrates how it is possible to fully compromise the domain using a fully patched Microsoft SQL server that has a firewall enabled. Using the SQL server I impersonate the domain administrator account without any passwords or password hashes being known or extracted. It also demonstrates the risk […]

0
0
0
0
0
0shares

Read

4th November 2010

Top 5 Common Issues – Article

A recent article I wrote for 7Safe (November 2010). It is a management level summary of the top 5 most common ways into networks I find when conducting internal infrastructure testing. Click the image below to read the full article.

0
0
0
0
0
0shares

Read

28th October 2010

Iphone OS 4.1 Pin Code Bypass

A demo I made for 7Safe of the recent bug within OS 4.1 on the iPhone. This allows a locked phone to by bypassed giving access to contacts, recent calls, viewing of photos and making calls/voicemail etc. Apple should be releasing OS 4.2 to address this issue.

0
0
0
0
0
0shares

Read

23rd October 2010

Own With An iPhone

Something a little bit different here… You expect to see all hackers with a laptop right….? Think again!.

0
0
0
0
0
0shares

Read

15th October 2010

Real World Pen Testing Demonstration

A recent hacking presentation I gave in London for 7Safe demonstrating client side exploits, pivot attacks using Metasploit.

0
0
0
0
0
0shares

Read

24th September 2010

Print Spooler Exploit – MS10-061

This is an interesting exploit. No client interaction is required. This exploits the print spooler on target systems by submitting a job into the schedule which then executes as SYSTEM. Microsoft ref MS10-061.

0
0
0
0
0
0shares

Read