Tuesday, May 26, 2009

Goodbye Blog, Hello BackTrack 4

I've consolidated all my blogs at:

http://www.offensive-security.com/blog

This new blog will keep you updated with the latest and greatest in the world of BackTrack.

Saturday, March 28, 2009

Offensive-Security.com Cowpatty Rainbow Table Collection

We've finally gotten up to uploading and hosting our massive Offensive Security Cowpatty WPA rainbow tables.

We've crunched the top 200 SSIDs, with a 49 million password WPA optimised dictionary file. The list will be updated as we continue uploading new files....

http://www.offensive-security.com/wpa-tables/

Please help seeding these files if possible. Pushing hundreds of GBs across the internet is not a simple task :)

Friday, January 30, 2009

Cracking WPA at the speed of pico

We're building a new WPA Rainbow Table cracking collection, using a 40 million long password list.
Each table is 1.9 GB, created per SSID. We're crunching through the top 500 SSIDs for this project, with David from Pico Computing leading the way.

The tables will be used in a contest at shmoo, and later on be available on torrents. We presently have over 350 GB of tables, and still counting.

This is what aircrack-ng looks like when connected to an array of 35 E16 picos:

BackTrack 4 Beta almost out of the oven!


Once again, it's that time of the year... we are working hard on BackTrack 4 and it will be released in the very near future...

I've set up a small blog where I'll be able to post BT4 related information, until our wiki is fully functional. Check it out here: http://backtrack4.blogspot.com/

Wednesday, December 10, 2008

MS Internet Explorer XML Parsing Remote Buffer Overflow Exploit

Just downloaded it from:
http://milw0rm.com/exploits/7403
Played around with it, got code exec in Vista SP1:
http://www.offensive-security.com/0day/iesploit-vista.rar




Updated my Vista Box:



After fully patching my box, the exploit was still working, giving full code exec. Yikes.

Tuesday, July 01, 2008

Metasploit 3 on an iPhone

The idea of getting Metasploit 3 on an iPhone has been bugging me for a while.
We've already put it on a WRT54G, so having it on an iPhone was a must.
The Ruby package in the iPhone installer is broken, and recompiling it... just didn't seem like fun.
I haven't had too much background with installing iPhone firmwares, so I called on my trustworthy friend, Jacky.

I read that the Cydia installer was a better environment (BSD Subsystem replacement) for these games...so after a painful process of bricking my iPhone, being saved by Jacky, installing Cydia, ruby, wget, mobile terminal, svn and downloading metasploit - we got it to work!

iPwn takes on a whole new meaning :)







http://www.offensive-security.com/images/iphone01.jpg
http://www.offensive-security.com/images/iphone02.jpg
http://www.offensive-security.com/images/iphone03.jpg
http://www.offensive-security.com/images/iphone04.jpg
http://www.offensive-security.com/images/iphone05.jpg


PS - Just to later find out that Metasploit 3 is already included in the Cydia installer...ugh.

Tuesday, June 10, 2008

BackTrack 3 Final - Release Information

It's finally happening....BackTrack 3 Final is being released....Finally!
Max, Martin and I have slaved for weeks and months, together with the help of many remote-exploit'ers to bring you this fine release. As usual, this version overshadows the previous ones with extra cool things.

SAINT
SAINT has provided BackTrack users with a functional version of SAINT, pending a free request for an IP range license through the SAINT website, valid for 1 year.

Maltego
The guys over at Paterva have created a special version of Maltego v2.0 with a community license especially for BackTrack users. We would like to thank Paterva for co-operating with us and allowing us to feature this amazing tool in BackTrack.

Nessus
Tenable would not allow for redistribution of Nessus.

Kernel
2.6.21.5. Yes, yes, stop whining....We had serious deliberations concerning the BT3 kernel. We decided not to upgrade to a newer kernel as wireless injection patches were not fully tested and verified. We did not want to jeopardize the awesome wireless capabilities of BT3 for the sake of sexiness or slightly increased hardware compatibilities. All relevant security patches have been applied.

Tools
As usual, updated, sharpened, SVN'ed and armed to the teeth. This release we have some special features such as spoonwep, fastrack and other cool additions.

Availability
We will be releasing an internal "IRC pre release" version of BT3F for final testing and identification of possible blunders...and shortly after that we will have a full blown release.

Final Requests
We request the community to not mirror or torrent this release, or otherwise distribute it online without our knowledge. We are trying to gather statistics about BT3 downloads. If you would like to mirror BT3 then please:
1) Think again! Traffic generated by BT3 downloads is CRAZY.
2) Please contact us before doing so.
3) Send us monthly statistics of downloads for the ISO.

If you would like to add a link to BackTrack downloads to your website, please use:

http://www.remote-exploit.org/backtrack_download.html as the download link.


Rants
Problems, fixes, bugs, opinions - should all end up in our Remote Exploit community forums, and our wiki:

http://forums.remote-exploit.org
http://wiki.remote-exploit.org



Over and out,

Muts, Max, MjM