WPS - Wifi Protected Setup - PIN BTA vulnerability
link to read:
https://code.google.com/p/reaver-wps/wiki/README
"...Reaver targets the external registrar functionality mandated by the WiFi Protected Setup specification.
Access points will provide authenticated registrars with their current wireless configuration (including the WPA PSK), and also accept a new configuration from the registrar."
nice =)
http://dshield.org/diary.html?storyid=12292
Back-Flip
IT tips and tricks ;)
Windows / Linux / Cisco
Friday, 30 December 2011
Monday, 14 November 2011
win7 - Activate Netlogon debugging
Sometimes we need to see exactly what's happening during a host logon. To do this on a Win7 box:
1. Start the Regedt32 program.
2. Delete the Reg_SZ value of the following registry entry, create a REG_DWORD value with the same name, and then add the 2080FFFF hexadecimal value.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\DBFlag
3. At a command prompt, type net stop netlogon, and then type net start netlogon. This enables debug logging.
After this, a new file is created at %windir%\debug\netlogon.log
Happy reading...
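The three manual steps above as a script, with a matching way to switch the logging off again. This is an added example, not part of the original post; the function names are hypothetical, and using a DBFlag of 0 to disable logging is an assumption the post does not state.

```powershell
# Added example (not from the original post). Function names are hypothetical.
# Run from an elevated PowerShell prompt; the registry write fails otherwise.
$ParamsKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'
$LogPath   = Join-Path $env:windir 'debug\netlogon.log'

function Set-NetlogonDbFlag {
    param([Parameter(Mandatory=$true)][int]$Value)

    # Step 2: a DBFlag value of the wrong type (REG_SZ) is deleted first.
    $key = Get-Item -Path $ParamsKey
    if (($key.GetValueNames() -contains 'DBFlag') -and
        ($key.GetValueKind('DBFlag') -ne [Microsoft.Win32.RegistryValueKind]::DWord)) {
        Remove-ItemProperty -Path $ParamsKey -Name 'DBFlag'
    }

    # Step 2 (continued): (re)create DBFlag as REG_DWORD with the requested value.
    New-ItemProperty -Path $ParamsKey -Name 'DBFlag' -PropertyType DWord `
        -Value $Value -Force | Out-Null

    # Step 3: same effect as "net stop netlogon" followed by "net start netlogon".
    Restart-Service -Name Netlogon -Force
}

function Enable-NetlogonDebug {
    Set-NetlogonDbFlag -Value 0x2080FFFF
    # Confirm the service is actually writing the log before relying on it.
    if (Test-Path -Path $LogPath) {
        Get-Item -Path $LogPath | Select-Object FullName, Length, LastWriteTime
    } else {
        Write-Warning "DBFlag is set but $LogPath does not exist yet."
    }
}

function Disable-NetlogonDebug {
    # Assumption: 0 turns debug logging off; the existing log file is left in place.
    Set-NetlogonDbFlag -Value 0
}

# Usage, after dot-sourcing this file:
#   Enable-NetlogonDebug      # reproduce the logon problem, then read the log
#   Disable-NetlogonDebug     # switch verbose logging off when finished
```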
Sunday, 13 November 2011
Easter Egg for Win7 - Local DoS for Win2008 / O.o
Special folder : "God mode" on Win7
Create a folder with any name, then add this extension:
.{ED7BA470-8E54-465E-825C-99712043E01C}
Tchan tchan ;)
(it doesn't give you any new "privileges" but it has a lot of nice config stuff)
However if you do this on a Win2008 desktop you'll have problems !!
! Local denial of service O.o
(if you did it on win2008, and are getting an "explorer error" you should access the remote admin share c$ and rename the folder)
http://it-audit.sans.org/blog/2011/08/22/windows-7-feature-windows-2008-local-denial-of-service/
Tuesday, 8 November 2011
More links....to read
Nice intro into TCP / tcpdump
http://danielmiessler.com/study/tcpdump/
Lots of pentest links:
http://code.google.com/p/pentest-bookmarks/wiki/BookmarksList
BrowserSec:
http://code.google.com/p/browsersec/wiki/Main
Malware on routers:
http://www.securelist.com/en/analysis/204792187/Heads_of_the_Hydra_Malware_for_Network_Devices
Nice tools:
http://dereknewton.com/forensic-tools/
File checksum integrity verifier:
http://support.microsoft.com/kb/841290
Microsoft AD directory services - blog
http://blogs.technet.com/b/askds/
.: TEST APPS :.
BadStore
Link: http://www.badstore.net/
Platform: Perl, Apache and MySQL
Install: Meant to run by booting a Live CD, but I'd recommend using my Live CD VMX
Notes: Easy to set up, and it's nice that you can run it from a VM with a little work. Just make sure you set the VM to use the IP addresses that are only available from the local host OS (NAT or Host-only).
Damn Vulnerable Web App
Link: http://www.ethicalhack3r.co.uk/damn-vulnerable-web-app/
Platform: PHP, Apache and MySQL
Install: Should work on any box you can install Apache/PHP/MySQL on.
Hacme Travel
Link: http://www.foundstone.com/us/resources/proddesc/hacmetravel.htm
Platform: Windows XP, MSDE 2000 Release A, Microsoft .NET Framework v1.1, C++
http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx
Moth
Link: http://www.bonsai-sec.com/en/research/moth.php
Platform: Linux VMWare image
Install: Just download the VM and open it in VMWare player
WebGoat
Link: http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
Platform: J2EE web application
Install: Self contained Tomcat server you can run from a directory under Windows or Linux
Test ssl
http://www.darknet.org.uk/2011/12/sslyze-fast-and-full-featured-ssl-configuration-scanner/
http://www.irongeek.com/i.php?page=security/deliberately-insecure-web-applications-for-learning-web-app-security