Archive for July, 2010

PXE exploitation

Update: This complete attack, including the DHCP server, has been incorporated into Metasploit. Update and enjoy. The module is auxiliary/server/pxexploit PXE booting has been around for over a decade and is supported by most system BIOSs. And I have also seen it left on in production environments. Although it is very convenient for mass OS […]

No Comments

Sessionthief

Another little project I put together a couple of years ago is sessionthief. When I need to quickly demonstrate the insecurity of open wireless networks, this is my first choice, as it has the ability to immediately hack into most websites another user on the same LAN is logged into. It performs HTTP session cloning […]

8 Comments

msfgui – now in metasploit

The new msfgui is now in metasploit; svn up your msf3/ directory to get it. There is also a good review at http://www.darkoperator.com/blog/2010/7/14/metasploit-new-gui.html Initial reception has been good, although a few bugs have popped up. It supports most scripts and most options on them via a right-click menu on a meterpreter session, generates a basic […]

No Comments