Released a public Beta version today. Max and I have stomped out most of the bugs, and after s short testing period, we'll release the final. Send feedback!
http://www.offensive-security.com/downloads.html
Saturday, October 14, 2006
Monday, October 02, 2006
McAfee Epolicy Orchestrator / ProtectionPilot Buffer Overflow
I've released a PoC exploit for McAfee Epolicy Orchestrator / ProtectionPilot last night.
This exploit was tested on Win2k SP4 / Win2k3 sp1.
McAfee were notified on the 14th July, and havn't managed to get it pacthed since.
Proof of concept exploit code is available at:
http://www.remote-exploit.org/exploits/mcafee_epolicy_source.pm
And a short article describing the exploit is available at :
http://www.remote-exploit.org/advisories/mcafee-epo.pdf
This exploit was tested on Win2k SP4 / Win2k3 sp1.
McAfee were notified on the 14th July, and havn't managed to get it pacthed since.
Proof of concept exploit code is available at:
http://www.remote-exploit.org/exploits/mcafee_epolicy_source.pm
And a short article describing the exploit is available at :
http://www.remote-exploit.org/advisories/mcafee-epo.pdf
Monday, September 25, 2006
BackTrack John the Ripper (MPI) Cluster Server
I've been working on a password cracking cluster. I will be integrating this into the next version of BackTrack (which is currently under development). The general idea is to have a BackTrack CD with PXE capabilities. Computers can now boot from the network, and join the Cracking cluster.
For more info, check this:
http://www.remote-exploit.org/BTJTRMPI.pdf
For more info, check this:
http://www.remote-exploit.org/BTJTRMPI.pdf
Monday, May 15, 2006
Back|Track Security Final Release
After spending countless hours flattening out bugs - Max and I will soon be releasing the final version of BackTrack. Our estimated date is the 26th May, but of course, subject to change.
Check http://www.remote-exploit.org/index.php/BackTrack
We've decided to beta test the final release, and provide a limited download to our hardcore IRC users - just to make sure we havn't messed anything up. Several nice people are helping us host this iso. PLEASE GIVE FEEDBACK.
http://backtrack.mick27.info/iso/backtrack-final-18-5-06.iso
http://64.27.12.222/backtrack-final-18-5-06.iso
MD5sum : 14ebbbf7f914cc547fba995c513fa4bf
Check http://www.remote-exploit.org/index.php/BackTrack
We've decided to beta test the final release, and provide a limited download to our hardcore IRC users - just to make sure we havn't messed anything up. Several nice people are helping us host this iso. PLEASE GIVE FEEDBACK.
http://backtrack.mick27.info/iso/backtrack-final-18-5-06.iso
http://64.27.12.222/backtrack-final-18-5-06.iso
MD5sum : 14ebbbf7f914cc547fba995c513fa4bf
Metasploit on WRTSL54GS
After mucking around with my NEW Linksys router, a managed to get Metasploit Framework to run on it. More information can be found in the remote-exploit site:
http://www.remote-exploit.org/research/OpenWRTvsMetasploit.html
http://www.remote-exploit.org/research/OpenWRTvsMetasploit.html
Unbricking a WRT54G
I bricked my WRT54G. T'was a sad day. Well, to be honest, I didn't exactly "brick" it, I had openwrt on it, with no "boot_wait", and i had forgotten the ssh password to it. It seemed like the only option I had was do build a serial console for it, and solder it to the WRT54G board - which made me shudder. After googling for a while, I found an interesting article describing an "unbricking" method which worked for me. The whole presentation can be found at http://www.trilug.org/talks/2004-09-wrt54g/Hacking_The_WRT54G_Presentation.PDF .
Apparently, this is a dangerous procedure, which can result in a completely DEAD WRT, be warned.
Apparently, this is a dangerous procedure, which can result in a completely DEAD WRT, be warned.
Subscribe to:
Posts (Atom)