rsmudge

Everything posted by rsmudge

  1. Which do you prefer for dumping hashes: windows/gather/smart_hashdump or meterp hashdump command?

  2. Alright, Shuttle PC case put together. Just need to get some HDDs and then put together a killer lab for my students http://t.co/WDWfW5Aj

  3. Have you used Armitage's View -> Reporting -> Export Data feature yet? How is it and what would improve it for you?

  4. Thanks to @irongeek_adc my DerbyCon talk: Dirty Red Team Tricks is now online for your Saturday viewing pleasure. http://t.co/01PeWkF6

  5. Today's been a good day. Back to my normal self. I've been really productive on stuff I've been needing to do. No complaints so far.

  6. Here's the system I've spec'd for my VM lab. Will use ESXi or VirtualBox. I have an MSDN subscription too. Thoughts? http://t.co/ZqR1O2qo

  7. From Armitage User Survey: "used Armitage at a CTF and got 2nd place. Beaten by a team w/ Core Impact. Unfair, but I popped the first box"

  8. As much as I jet around cheering Armitage & Metasploit, not long ago it was ra-ra After the Deadline & WordPress. http://t.co/wXjAFsoN

  9. Metasploit and Armitage attack SCADA in Department of Homeland Security Training Exercise http://t.co/j9Dtl2QZ

  10. @nomadpenguin You shouldn't use MySQL with Armitage. The Metasploit team uses postgresql. Also, there is a known issue where Metasploit updates fail to update the db tables properly when MySQL is in use.

      Armitage and Metasploit work with BackTrack 5 out of the box. Postgresql should always be running by default on BackTrack 5. If it's not (hence the "is the database running?" message), then you need to get it running. Type:

          /etc/init.d/framework-postgres start

      It'll either start or you'll see an error message. If you see bogus data in lock file "postmaster.pid" then you'll need to type the following:

          rm /opt/framework3/postgresql/data/postmaster.pid
          rm /opt/framework3/postgresql/.s.PGSQL.7175
          rm /opt/framework3/postgresql/.s.PGSQL.7175.lock
          /etc/init.d/framework-postgres start

      [see: http://www.backtrack-linux.org/forums/backtrack-5-beginners-section/41151-fatal-bogus-data-lock-file-postmaster-pid-help-please.html for the original thread on this issue]

      Also, Armitage has a nice Help button in the setup dialog now. Click that button to see every possible thing that I know can go wrong (and what the corresponding remedy is).

  11. Follow Thursday: @dguido facilitates an amazing pen test course at NYU-Poly. Follow @PentestClass for updates on it. http://t.co/iXTtJZSC

  12. Misha Glenny: Hire the hackers! - http://t.co/vT3UzkCp - the title sounds like preaching to the choir, but it's worth watching

  13. The Metasploit book by @dave_rel1k has reunited me with a long lost friend (he saw Armitage and my name mentioned). Going to @eatyourpizza

  14. Several survey responses came in after my first sticker mailing. I'll honor my sticker promise with a second mailing in about 2 weeks.

  15. Hey! Armitage third-party video playlist on YouTube just hit 50 videos. 6.5 hours of user created demos. http://t.co/pUreTzS Pretty cool!

  16. ok, off to the post office.

  17. I now has stickers from the printer. Want one? Tell me how you use Armitage http://t.co/GQVEQTB They go out tomorrow http://t.co/Pp3Cu37

  18. Armitage 09.08.11, new: tabs into windows, inactive event log highlights on msg, "try all credentials" in Login dialog http://t.co/okrMOo9

  19. Occupations, mainly: penetration testers, students, instructors, and system administrators. Self reported skill level varied greatly too

  20. Pop out tabs in Armitage--a simple UX improvement that, I suspect, you'll find *extremely* valuable at times http://t.co/WFUaM3W

  21. Ummm, so once again... I am extremely fortunate to have the friends I have. Wow. Thanks again karma/world/whoever.

  22. Armitage stickers are en route to me. Once they get here, I'll ship to you. It's not too late to get on the list: http://t.co/GQVEQTB

  23. If you're launching this exploit through Armitage's module launcher, then beware that Armitage will try to configure the payload for you. By default, LPORT is set to some random value. You'll also notice that DisablePayloadHandler is set to true by default as well. Together, these values instruct Metasploit to not start a new payload handler when launching the attack and to instruct meterpreter to connect back to that random port number (which by the way, isn't so random--Armitage has a meterpreter listener running there already). If you don't change LPORT and everything else is ok with the targeted environment, it'll work.

      If you want to change LPORT, go ahead. Just be sure to set DisablePayloadHandler to false.

      Optionally, double click the Payload option name (it'll have a thick cross next to it). This will open up a dialog to let you choose what kind of payload you want and whether a listener exists or should be started. This will update all of the payload related options at once and you can tweak from there. This is explained in the documentation too: http://www.fastandeasyhacking.com/manual

      Now on to the exploit. Be aware of a few things about this one:

      (1) ms11_003_ie_css_import does not like to be served over SSL. In my experience you won't get code execution when this happens.
      (2) The ms11_003_ie_css_import requires that .NET 2.0 is installed on the target machine (necessary for the exploit).
      (3) The exploit does not trigger twice. If you use it, you have to reboot before you try it again.

      Since you're going after IE6, this exploit is not what I would use. I recommend trying ie_createobject or the ms10_002_aurora exploit. Good luck.

  24. Just finished Ghost in the Wires, @kevinmitnick 's book. Powerful reading. Right up there with The Cuckoo's Egg for me.
