Java 0day Demo
Like clockwork , the new 0day has been added to metasploit. eromang was quick to record a demo of the exploit in action http://eromang.zataz.com
Like clockwork , the new 0day has been added to metasploit. eromang was quick to record a demo of the exploit in action http://eromang.zataz.com
Spotted in the wild, reports are still coming in.
malware.dontneedcoffee.com
The files
blog.spiderlabs.com
decrypted java source
mimikatz now supports saved domain credentials dumping (task scheduler included) also visit site in chrome unless you manually want to translate it. blog.gentilkiwi.com
Sorry for the downtime, had some noobs trying to own the site, finding that they couldn’t do shit but ddos the site. So we switched to a better server and fixed a few things. Better luck next time clowns.
perl script can be used to unlock apache tomcat servers
remotely by using the collected login combinations.
Tt will retrieve either a ROOT or SYSTEM reverse shell depending on the operating system. More info
Dumps login cleartext passwords stored by Windows Digest Auth pkg. Download it ::HERE::
Went to Derbycon last week and it was awesome. The people were all great and it wasn’t a scenewhore con like Defcon. Also I got a shout-out during Mubix & carnal0wnage’s talk @ 49:07 🙂
The illmob krew is heading out to Vegas for Defcon, See ya there!!!
Just finished my 2nd module for metasploit in time to go to Defcon. This one will search the Documents directory for all *.rdp files and output the host,user,password to your meterpreter session. Check it out ::HERE::