Saturday, October 14, 2006

BackTrack v2.0 Public Beta Has Been Released!

Released a public Beta version today. Max and I have stomped out most of the bugs, and after a short testing period, we'll release the final. Send feedback!

Monday, October 02, 2006

McAfee ePolicy Orchestrator / ProtectionPilot Buffer Overflow

I released a PoC exploit for McAfee ePolicy Orchestrator / ProtectionPilot last night.
This exploit was tested on Win2k SP4 / Win2k3 SP1.
McAfee were notified on the 14th July, and haven't managed to get it patched since.

Proof of concept exploit code is available at:

And a short article describing the exploit is available at:

Monday, September 25, 2006

BackTrack John the Ripper (MPI) Cluster Server

I've been working on a password cracking cluster. I will be integrating this into the next version of BackTrack (which is currently under development). The general idea is to have a BackTrack CD with PXE capabilities. Computers can now boot from the network, and join the Cracking cluster.

For more info, check this:

Monday, May 15, 2006

Back|Track Security Final Release

After spending countless hours flattening out bugs - Max and I will soon be releasing the final version of BackTrack. Our estimated date is the 26th May, but of course, subject to change.


We've decided to beta test the final release, and provide a limited download to our hardcore IRC users - just to make sure we haven't messed anything up. Several nice people are helping us host this ISO. PLEASE GIVE FEEDBACK.
MD5sum : 14ebbbf7f914cc547fba995c513fa4bf

Metasploit on WRTSL54GS

After mucking around with my NEW Linksys router, I managed to get Metasploit Framework to run on it. More information can be found on the remote-exploit site:

Unbricking a WRT54G

I bricked my WRT54G. 'Twas a sad day. Well, to be honest, I didn't exactly "brick" it, I had OpenWrt on it, with no "boot_wait", and I had forgotten the ssh password to it. It seemed like the only option I had was to build a serial console for it, and solder it to the WRT54G board - which made me shudder. After googling for a while, I found an interesting article describing an "unbricking" method which worked for me. The whole presentation can be found at .
Apparently, this is a dangerous procedure, which can result in a completely DEAD WRT, be warned.