The Offensive Security Blog

Stay up-to-date with the latest news and updates by subscribing to our RSS feed!

Blog Posts and Recent News from Offensive Security

MSFU Updates – December 2010

This month we have again been steadily updating the Metasploit Module Reference section of Metasploit Unleashed, and we also added some great new content covering the setup and usage of databases with Metasploit under BackTrack 4 r2. This month also saw the introduction of the excellent GUI front-end, Armitage.

Metasploit Pro Added to the PWB Labs

We are very happy to announce that our Penetration Testing with BackTrack online labs now include installations of Metasploit Pro. Deep within our lab network, students who Try Harder will encounter credentials for these installations that will allow them to enjoy the use of a tool that simplifies many of the tasks that they had to perform manually.

Godaddy Workspace XSS – Who’s your Daddy?

An interesting submission came in from the Exploit Database – a Godaddy workspace XSS vulnerability. Although we did not post it (live site), the vulnerability seems real, and definitely worth mentioning.

In essence, this vulnerability allows an attacker to send malicious JavaScript to an unsuspecting victim, allowing the theft of cookies and other nasty stuff. Effectively, if you are using the Godaddy web interface, an attacker can acquire your session information and log in to the account with no credentials. All Godaddy workspace users, ph33r.

Armitage in BackTrack 4 r2

A short time ago, an exciting GUI front-end for Metasploit named Armitage was released. For an initial release, Armitage is very polished, so we knew we had to add it to the BackTrack repositories.

Metasploit with MySQL in BackTrack 4 r2

Until the release of BackTrack 4 r2, it was possible to get Metasploit working with MySQL, but it was not an altogether seamless experience. Now, however, Metasploit and MySQL work together “out of the box”, so we thought it would be great to highlight the integration. With the Metasploit team moving away from sqlite3, it is vital to be able to make use of a properly threaded database. Quite a number of additional database commands have also been added to Metasploit, and online documentation tends to be rather sparse when it comes to the less “glamorous” side of database management.

MSFU Updates – November 2010

This past month has been busy, yet we have been steadily updating the free Metasploit Unleashed Training course, with the fastest-growing area being the Module Reference section. This month has also seen updates to the Fast-Track and Social-Engineer Toolkit sections of the wiki.

Offsec Exploit Weekend

Aloha Offsec students! You’ve been slapped around by Bob, abused by Nicky and crushed by NNM. Just as you thought it was over, Offensive Security now comes up with a brand new type of pain. This one is for all you hardcore exploit developers out there who want a real challenge – an Offsec “Exploit Weekend”.

Winamp 5.58 Exploit Development

The guys at the Exploit Database posted an awesome writeup on a Winamp 5.58 Exploit Development storming session – with some really cool results. In the end, they wrote a short assembly sequence to walk through the payload and replace bad characters with the original shellcode bytes. Read more – Winamp 5.58 from DoS to Code Execution

Adobe Shockwave player rcsL chunk memory corruption 0day

It’s not often we wake up and find a massive 0day submitted to the Exploit Database – but today was different. Abysssec security released an Adobe Shockwave player 0day. We verified the exploit as part of our verification process in the Exploit Database and made a short movie to demonstrate the vulnerability.

Metasploit Unleashed, Again!

As promised, our free Metasploit Unleashed Training course is now being regularly maintained and has seen many new additions in the past month. As new features are being added to the Metasploit Framework, we are attempting to add them to the Wiki in order to keep our content fresh and up-to-date to ensure we are providing a valuable resource to our readers. One of the more significant and ambitious changes is the addition of a Module Reference section where we will be adding coverage for as many modules as we can, allowing readers to get a better idea of what results they can expect from a given module.

Penetration Testing with BackTrack – Live Training

There has been a lot of focus in the news lately on high-quality training for security professionals. Even the US Government has issued statements about the need for security training to be different in the market today. Much of their research has led them to say that a real-world, hands-on approach to training is more effective than the typical multiple-choice training that is out there.

Metasploit Unleashed – Updates

Once again, we have a few exciting updates we would like to inform you about. First and foremost, our Metasploit Unleashed Free Training course is going through a major overhaul, and will be updated and maintained on a monthly basis. You can expect a whole lot of new content being added onto the Metasploit Unleashed Wiki in the next few months.

Microsoft DLL Hijacking Exploit in Action

The “new” Insecure Library Loading vulnerability (2269637) in action… The Metasploit team has added an exploit module for this vulnerability. Check it out.

Security Awareness Training – A New Era

Each year companies lose millions in security breaches. High quality Information Security Awareness is probably one of the most important remedies for these attacks. For a long time we have held to the thought that the human element is the weakest link in the chain, and the Social Engineering Contest at Defcon 18 really drove the point through.

Metasploit 3.4 and SET 0.6.1 on iPhone 4

Just a quick update on getting your favorite tools, Metasploit and SET, on iOS 4. You need to have a jailbroken iPhone with SSH access for this. You will also need to install nano and APT 0.7 Strict via Cydia. Unlike all other major revisions of Cydia, getting everything up and running is a breeze now.
