I wanted to implement a simple server that would register source IPs which it was ping from and display it back to me. This way i wouldn’t have to spin up an instance each time I want to test a remote execution vulnerability on a box I’m testing.
Scenario: I’m…
Genymotion is so far my favorite Android emulator. It’s both powerful and easy to use. It’s widely used by developers because it’s way faster than Android Studio emulator. …
After returning from DefCon I wanted to make sure my iPhone is not communicating with any sketchy servers out there. So decided to run a quick tcpdump on the traffic and here is how to do it:
First you need to install Xcode. Once you create a project and connect…
It’s not uncommon that VPN connection to our client’s boxes either breaks mid testing or is blocked by some firewall or IDS. SSH tunneling can be used as a back up connection to already existing VPN connection or as a decent lightweight alternative.
Things we’ll need:
- AWS instance for pivoting
- …
Look for the exploit you want to add: searchsploit sonicwall 8.1.0.2-14sv Make a note of the path for the exploit.
Next, you would need to create a folder in the .msf4/modules directory that correlates with the path in exploit-db. So in this case I will add cgi/webapps.
Go to your newly created folder and copy the exploit:
cp /usr/share/exploitdb/exploits/cgi/webapps/42344.rb /root/.msf4/modules/exploits/cgi/webapps/Make sure that you specify both, the root path (its specified right underneath the title “Path” in the searchsploit search output) and the relative path.
I perform network penetration testing from headless Kali boxes. This is limiting when I want to test internally available web apps. I can get away with SSH tunneling (aka port forwarding) for basic applications or RDP interface but it quickly becomes a pain once you start interacting with dynamic content…
My environment for this setup: MacOS, Burp Suite, Tor service, Firefox browser and brew.
- Install tor service(not the TorBrowser bundle). On Mac you can do it with “brew install tor”. If you don’t have brew installed run this command:
/usr/bin/ruby -e “$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)DD-WRT does not support repeater mode for Atheros chipset based routers. Hence you will not find Repeater and Repeater Bridge options under Wireless Settings. You can still however achieve similar result with Client mode connection. It won’t be as seamless as it would be in Repeater mode though, you would…
I found running BeEF from Kali VirtualBox inconvenient because it requires port forwarding from VMnet, then LAN uggh… You’d really want to connect directly with BeEF. So there.
- Get Ubuntu or other Debian instance. Red Hat (ie Amazon instance is missing some dependancies).
- Follow https://github.com/beefproject/beef/wiki/installation. Make sure to install Ruby…
What happens when you open an email and allow it to display embedded images and pixels? You may expect the sender to learn that you’ve read the email, and which device you used to read it. But in a new paper we find that privacy risks of email tracking extend…
