Offensive Security Blog

  • 001 Parts1

    Onity Door Unlocker, Round Two.

    On one of our engagements, we figured an Onity Hotel door unlocker would be useful to us. Inspired by the James bond type setup we saw on the Spiderlabs blog post, we thought we’de try to build a small, simple and “TSA friendly” version of the Onity key unlocker. Pro Tip: Connecting a 9v battery with the wrong polarity to an Arduino Mini Pro will make pretty sparks.

    Read More →
  • Rfid Harvester

    Stand-Alone EM4x RFID Harvester

    Continuing off from our last RFID Cloning with Proxmark3 post, we wanted to build a small, portable, stand-alone EM4x RFID tag stealer. We needed an easy way of storing multiple tag IDs whilst “rubbing elbows” with company personell. The proxmark3 seemed liked an overkill and not particularly fast at reading em4x tags so we figured we’de try hooking up our RoboticsConnection RFID reader to a Teensy and see if we could make them play nicely together.

    Read More →
  • Proxmark 05

    Cloning RFID Tags with Proxmark 3

    Our Proxmark 3 (and antennae) finally arrived, and we thought we’d take it for a spin. It’s a great little device for physical pentests, allowing us to capture, replay and clone certain RFID tags. We started off by reading the contents of the Proxmark wiki, to understand (more or less) what we are up against. This proved to be a vitally important step, and we are thankful we had the insight to RTFM a tad bit before.

    Read More →
  • Peensy Post

    Advanced Teensy Penetration Testing Payloads

    In one of our recent engagements, we had the opportunity to test the physical security of an organization. This assessment presented an excellent scenario for a USB HID attack, where an attacker would stealthily sneak into a server room, and connect a malicious USB device to a server with logged on console, thus compromising it. From here, the “Peensy” (Penetration Testing Teensy?) was born.

    Read More →
  • Offsec Bh 2012 Schwag

    Offsec BlackHat / Defcon Scavenger Hunt

    Are you in Vegas for BlackHat and Defcon ? Are you desperately looking for Offensive Security schwag ? We are giving out Metasploit books, BackTrack Challenge coins and large sized BackTrack Decals in this years BlackHat and Defcon conferences. So, what exactly does one need …

    Read More →
  • IMG 1002

    Metasploit 4 on iPhone 4S & iPad 2

    With the recent Absinthe Jailbreak which opens up firmware 5.1.1 to Cydia, we once again tried to get Metasploit running on these iBabies. After a bit of fiddling around with various ruby package versions, its seems like the following combination works well with the latest …

    Read More →
  • Screen Shot 2012 03 23 At 1.48.07 AM

    FreePBX Exploit Phone Home

    During a routine scan of new vulnerability reports for the Exploit Database, we came across a single post in full disclosure by Martin Tschirsich, about a Remote Code Execution vulnerability in FreePBX. This vulnerability sounded intriguing, and as usual, required verification in the EDB. At …

    Read More →
  • Word Header V2.3

    Sample Penetration Test Report

    There are two different ways of doing things in this InfoSec world we are in. We can chase the money, or we can focus on doing what we feel is right. Then do that with passion. At Offensive Security, it has always been about doing …

    Read More →
  • St Kitts Caribbean Reviews 2

    Live Training in St. Kitts and Nevis

    Our recent Penetration Testing with BackTrack Live Training in St. Kitts was a great success. This was the first time that we have done the class in the Caribbean, and we were really curious to see how it would go – as there is no …

    Read More →
  • The N00b

    Modern Warfare Students vs Trainers 0x2

    Our first modern warfare tournament against our students was… humbling. Don’t get me wrong, we had our victories, but all in all we left the grounds wounded and limping. Between getting blown up by RPGs, massacred by drones or carpet bombed by B52’s we didn’t have it easy. Unfortunately, this was all documented and very soon, the screenshots and youtube videos arrived. The ones voted the best, somehow involved me getting blown up, as you can see below.

    Read More →
Page 4 of 15« First...«23456»10...Last »