Blog | Techniques

Fun With PSEXEC Scanner Metasploit Module

Posted on August 03, 2012

So you have a meterpreter session on some Windows machine remotely or internally. One of the first things a lot of folks will do is escalate to SYSTEM (getsystem or post/windows/escalate/getsystem in meterpreter) and dump the server's password hashes (hashdump or post/windows/gather/hashdump). The logical thing to do next is to begin cracking the hashes...

Cracking WPA PSKs in the Cloud

Posted on April 03, 2012

ve our own wireless security assessment methodology for various WiFi authentication and encryption schemes commonly observed. I thought I'd write a bit about how we handle WPA/WPA2 personal (pre-shared keys). Unlike cracking WEP, which is a crypto-attack, cracking a WPA PSK involves a dictionary attack against a captured WPA handshake. The exception to this is PIN-based WiFi Protected Setup ...

Blind SQL Injection & BurpSuite - Like a Boss

Posted on April 22, 2011

SQL injection used to be a lot easier a few years ago when it was less known, web application security was less mature, and errors were often exposed. It's very easy to use a variety of methods to cause errors to display database names, table names, column names, and even row values... when errors are enabled. These days, the SQL...
