Our Proxmark 3 (and antennae) finally arrived, and we thought we’d take it for a spin. It’s a great little device for physical pentests, allowing us to capture, replay and clone certain RFID tags. We started off by reading the contents of the Proxmark wiki, to understand (more or less) what we are up against. This proved to be a vitally important step, and we are thankful we had the insight to RTFM a tad bit before.
Read MoreIn one of our recent engagements, we had the opportunity to test the physical security of an organization. This assessment presented an excellent scenario for a USB HID attack, where an attacker would stealthily sneak into a server room, and connect a malicious USB device to a server with logged on console, thus compromising it. From here, the “Peensy” (Penetration Testing Teensy?) was born.
Read MoreAre you in Vegas for BlackHat and Defcon ? Are you desperately looking for Offensive Security schwag ? We are giving out Metasploit books, BackTrack Challenge coins and large sized BackTrack Decals in this years BlackHat and Defcon conferences.
So, what exactly does one need to do to get these wonderful, sought after gifts ? It’s easy:
With the recent Absinthe Jailbreak which opens up firmware 5.1.1 to Cydia, we once again tried to get Metasploit running on these iBabies. After a bit of fiddling around with various ruby package versions, its seems like the following combination works well with the latest version of Metasploit 4.4.0-dev (as of May 2012).
Of course, you need a jailbroken iPhone or iPad, with apt, OpenSSH server and a SSH client, such as iSSH.
Read MoreDuring a routine scan of new vulnerability reports for the Exploit Database, we came across a single post in full disclosure by Martin Tschirsich, about a Remote Code Execution vulnerability in FreePBX. This vulnerability sounded intriguing, and as usual, required verification in the EDB. At first glance, the vulnerability didn’t jump out at us, especially as we are not familiar with the inner workings of asterisk. After a couple of emails back and forth with Martin,
Read MoreOur first modern warfare tournament against our students was… humbling. Don’t get me wrong, we had our victories, but all in all we left the grounds wounded and limping. Between getting blown up by RPGs, massacred by drones or carpet bombed by B52’s we didn’t have it easy. Unfortunately, this was all documented and very soon, the screenshots and youtube videos arrived. The ones voted the best, somehow involved me getting blown up, as you can see below.
Read MoreJohnny here, again…I’m excited to announce that Muts and I will be co-presenting the second Pentesting With Backtrack course in December 3-7, 2012 in St. Kitts! I’m excited on a couple different levels. First, I’m excited to get back to St. Kitts. Maybe it’s the inner pirate calling me back to the Caribbean, or maybe it’s just that the place is so exotic and beautiful. I enjoyed the breathtaking views with white beaches, mountains and electric blue water so much that on some days I wonder why I haven’t just packed up and moved there.
Read MoreSince the inception of our Advanced Windows Exploitation (AWE) course, our students (who are always searching for more pain) have been asking for an accompanying certification exam. We are very pleased to announce the launch of the Offensive Security Exploit Expert (OSEE) certification.
Read MoreWant a chance to get even ? For years we have been running classes that take great joy in torturing our students. We ask a lot of you, and the classes and certifications prove it. However there is no way around it: Some times we can drive you nuts. Here’s your chance to get even, MW3-style.
Read MoreIn this final post of our PWB in the Caribbean series, Johnny picks up from where he left off in Part 4, reflecting on his experiences during the week and the impact it has had on him personally. Without further delay, we’ll let Johnny wrap up the series.
Read MoreWhen we last left off in Part 3 of our series of posts on Johnny’s experience at our recent PWB in the Caribbean course, he was experiencing the highs and lows of exploit development, emerging triumphantly in the end. Part 4 picks up where we left off last time so we’ll let Johnny take it from here.
Read MoreIn Part 2 of our series of posts on the recent PWB in the Caribbean course, Johnny was desperately seeking an exit from the upcoming pain that is exploit development. However, he didn’t come up with an escape plan quickly enough and his tale continues in this latest diary entry.
Read MoreIn our ongoing series covering our most recent live PWB in the Caribbean course, Johnny picks up from Part 1 and provides an inside and personal look at the course at it picks up speed and increases in difficulty.
Read MoreQuite often, people tend to wonder what it’s like to experience an Offensive Security live training course. At our most recent live Pentesting with BackTrack course in St. Kitts, we had in attendance, Johnny Long of Hackers for Charity and he was good enough to keep a journal of his experiences during the course.
Read MoreAt long last, our highly rated Wireless Attacks Course (Wi-Fu) has been updated to version 3! This is a major revision of the course with a complete restructure and redesign of the course content with a far broader range of attack techniques.
Read More