Just learned today:
If you are making a bootable disk from a Linux distro using Rufus and it won’t mount, try creating it using the DD option.
Apparently, Linux sometimes only likes its own tools being used on it.
Bonum Venandi,
KS
Things I've learned and want to share
This is just a quick post to provide the presentation I gave tonight at PwnSchool. If you’d like to review it you can download it here. Thanks!
Topics covered:
You may often need to mirror all (or part) of a website for offline analysis. The ‘wget’ program has some easy features to use when you want to quickly get a local copy of a site and correct common issues (like links pointing to server locations). Set up one of these behind the scenes while you work on other aspects, then peruse at your leisure.
Update 2018-07-21: Or just use the script I wrote to simplify this for my customized Kali build, available here.
I bought a pile of DigiSpark devices on a whim (they’re less than $2 each), and the following are just my notes on how to get things up and running with them to do simple testing. I’ll also note that this was based on the DigiStump connecting tutorial, but I found some gaps in their approach and wanted to document my variations here for posterity.
This is the quick-hit version of the firmware analysis training I gave. As with all of the formal training, you can use the below for a quick reference, or view the full presentation here.
This is the quick-hit version of part three of a three-part series on Metasploit Fundamentals that I wrote to update my previous work (from 2014) on Metasploit. If you’re looking for a more hands-on/in-depth version of this article you can access training on this topic here: MSF Fundamentals – Part 3 of 3 (Pivoting and Automation) (basic_0x04)
The purpose of this article is to cover pivoting, port-forwarding, and automation to expand the reach of your tools and reduce the amount of time you spend on repetitive work. Part one covered starting up the MSF, finding an exploit, finding a matching payload, and configuring everything up to the point of launching the exploit. Part two covered exploitation and post-exploitation modules to the point where you are comfortable with the various ways of manipulating a system after you’ve opened a session to it. This training assumes you’re using a 2016 variant of Kali Linux and that it’s patched up to at least August 2016. If that’s true, then let’s go!
Continue reading “MSF Fundamentals 2017 (Part 3 of 3) – Pivoting and Automation”
This is the quick-hit version of part two of a three-part series on Metasploit Fundamentals that I wrote to update my previous work (from 2014) on Metasploit. If you’re looking for a more hands-on/in-depth version of this article you can access training on this topic here: MSF Fundamentals – Part 2 of 3 (Post-Exploitation with Meterpreter) (basic_0x03)
The purpose of this article is to cover exploitation and post-exploitation modules to the point where you are comfortable with the various ways of manipulating a system after you’ve opened a session to it. Part one covered starting up the MSF, finding an exploit, finding a matching payload, and configuring everything up to the point of launching the exploit. Part three covers pivoting, port forwarding, and automation. This training assumes you’re using a 2016 variant of Kali Linux and that it’s patched up to at least August 2016. If that’s true, then let’s go!
Continue reading “MSF Fundamentals 2017 (Part 2 of 3) – Exploitation and Post-Exploitation”
This is the quick-hit version of part one of a three-part series on Metasploit Fundamentals that I wrote to update my previous work (from 2014) on Metasploit. If you’re looking for a more hands-on/in-depth version of this article you can access training on this topic here: MSF Fundamentals – Part 1 of 3 (Startup Exploit Payload) (basic_0x02)
The purpose of this article is to get you familiar with starting up the Metasploit Framework (MSF), finding an exploit, finding a matching payload, and configuring everything up until it’s time to launch an exploit. Part two will cover exploitation and post-exploitation modules, while part three will cover pivoting, lateral movement, and automation. This training assumes you’re using a 2016 variant of Kali Linux and that it’s patched up to at least August 2016. If that’s true, then let’s go!
Continue reading “MSF Fundamentals 2017 (Part 1 of 3) – Console to Payload”
The following is a quick-hit list of commands for attacking a WPA wireless network. It assumes you are using a 2016 variant of Kali Linux with the aircrack-ng suite installed and a wireless network card that can be placed into monitor mode (which should be about 100% of them). It also assumes that there is a WPA network with an associated client that is transmitting, and that you are running as a user with sufficient permissions to execute each of these commands.
For the sake of this tutorial the AP will be assumed to have a MAC address of “99:88:77:66:55:44” and the client will be assumed to have a MAC address of “00:11:22:33:44:55”. The wireless network card we will use will be assumed to be “wlan0”.
If a presentation is more your style of learning you can access training on this topic here: Wireless Attacks – WPA & WPS (basic_0x01)
This is another one of those quick-hits that often comes in handy… you’ve captured a hash (maybe via mimikatz, through a Metasploit module such as post/windows/gather/hashdump, etc.), and you need or want to use that hash directly rather than cracking it. How do you do that?
Continue reading “Pass The Hash for Command Line, MSF, and RDP”