Metasploit .rdp Module

by admin

Tuesday, August 2nd, 2011 at 2:59 pm

Just finished my 2nd module for Metasploit in time to go to Defcon. This one will search the Documents directory for all *.rdp files and output the host, user and password to your meterpreter session. Check it out ::HERE::

New Startup Method?

by admin

Monday, June 27th, 2011 at 10:06 am

Nick Harbour wrote on his blog about new spyware using fxsst.dll, which is present on the system when the system is running as a Fax server. Seems explorer.exe automatically loads the DLL when logging on. Mubix decided to test this out with a .dll generated in Metasploit and it worked every time on his test system (WinXP), but Win7 64-bit was still having issues with the DLL he generated.

TL;DR – Take any malware DLL, name it fxsst.dll and drop it in C:\WINDOWS or the System32 folder and Explorer.exe will load it at boot time.
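For anyone wanting to check their own boxes for this, here is an added example (not from the post or from Mubix's test) that looks for fxsst.dll in the locations named above and reports whether each copy carries a valid Microsoft signature. It assumes a Windows host with PowerShell 4 or later (Get-FileHash) and flags any copy sitting directly in the Windows folder, since that is where explorer.exe would pick it up ahead of the Fax Service's own copy in System32.

```powershell
# Added example, not part of the original post.
# Lists every fxsst.dll in the load locations the post mentions and marks
# copies that are unsigned, not signed by Microsoft, or dropped next to
# explorer.exe in %windir% (where a planted copy would be found first).
function Find-FxsstDll {
    $windir = $env:windir
    $candidates = @(
        (Join-Path $windir 'fxsst.dll'),
        (Join-Path $windir 'System32\fxsst.dll'),
        (Join-Path $windir 'SysWOW64\fxsst.dll')
    )

    foreach ($path in $candidates) {
        if (-not (Test-Path -LiteralPath $path)) { continue }

        $sig    = Get-AuthenticodeSignature -FilePath $path
        $hash   = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
        $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '<unsigned>' }

        # A legitimate Fax Service copy is Microsoft-signed and lives in System32/SysWOW64.
        $inWindowsRoot = ($path -ieq (Join-Path $windir 'fxsst.dll'))
        $badSignature  = ($sig.Status -ne 'Valid') -or ($signer -notmatch 'O=Microsoft Corporation')

        [pscustomobject]@{
            Path       = $path
            Status     = $sig.Status
            Signer     = $signer
            SHA256     = $hash
            Suspicious = ($inWindowsRoot -or $badSignature)
        }
    }
}

$report = Find-FxsstDll
if ($report) {
    $report | Format-Table Path, Status, Suspicious, SHA256 -AutoSize
} else {
    'No fxsst.dll found in the checked locations.'
}
```

Any row marked Suspicious is worth pulling the hash on and comparing against a known-good Fax Service copy before deciding it is benign.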

bitcoin_jacker.rb

by admin

Monday, June 20th, 2011 at 10:41 pm

Just submitted my first attempt to write something for Metasploit @ dev.metasploit.com. It jacks the victim's bitcoin wallets on Windows boxes and sends them back to the attacker over meterpreter. It saves the wallet in your loot folder; on Windows it would be %userprofile%\.msf3\loot, on nix it would be /root/.msf3/loot.

RobinHood – BitCoin Jacker

by admin

Saturday, June 18th, 2011 at 3:42 pm

RobinHood is a simple program in assembler that steals the victim's BitCoin wallet.dat and uploads it to an FTP server. You need to assemble the source yourself, get it ::HERE::

eXcon Security Conference

by admin

Wednesday, April 27th, 2011 at 4:12 pm

Tickets are on sale now for eXcon and BSidesCT in Meriden, CT, June 11th.
http://exconference.com
If you want to attend or speak at the conference hit their email up on the site!!!

The new threat

by admin

Friday, February 11th, 2011 at 1:14 pm

Programmable embedded devices have the capability of being detected as a HID device, just like a keyboard or mouse. So if you have physical access and a minute alone you can basically own a system with something the size of your thumb. The possibilities are endless: HTTP/FTP download, injecting binaries into debug or PowerShell, etc. Also this device is cross-platform, which means Windows, Linux, UNIX and Apple are all vulnerable. Here's an example we made for a Windows 7 box that adds a new Admin user to the system and hides that user from the logon screen. The whole process takes about 16 seconds, with most of the time taken by the device being detected as a keyboard and the driver installed. The device costs about $20 and can be found here

Hidden Comcast Modem User

by illwill

Monday, February 7th, 2011 at 3:18 pm

Seems Comcast has a hidden admin user account on their business class modems other than the usual user:cusadmin-pw:highspeed. You can log in locally using the username mso and password D0nt4g3tme. Furthermore you can also use Cross Site Request Forgery in iframes to set the modem to open up its remote admin ports to all IPs, not just the ones Comcast has preconfigured. If you wanna test this out you can visit this URL: http://illmob.org/comcast BEWARE, if you are on a vulnerable Comcast modem it will open remote access to your modem on HTTP port 80, HTTPS port 8181 and telnet 2323.

Props to the guys @ Trustwave for the iframe POC.

Stuxnet exploit code released

by illwill

Thursday, January 13th, 2011 at 11:54 am

Used by Stuxnet to escalate privs in Win2k and XP. Explanation of the code ::here:: and source code ::here::

Free Apple Stuff

by admin

Thursday, January 6th, 2011 at 12:29 pm

Circumvent Apple's Mac App Store receipt validation.
Install the latest Snow Leopard update (10.6.6). Sign into the new App Store (in your dock). Download Twitter, it's free. Then go to the Applications folder, locate Twitter, right click, Show Package Contents, navigate to the Contents folder and copy _CodeSignature, _MASReceipt and CodeResources.

Download Angry Birds ( http://bit.ly/gy9wzk ), run the dmg file, drag Angry Birds into the Applications folder. Right click, Show Package Contents, navigate to the Contents folder and delete _CodeSignature, _MASReceipt and CodeResources. Now paste in the files you copied from the Twitter.app.

Done. Enjoy Angry Birds and any other .app file from the new Mac App Store that you can find online ;)

Free at last! Free at last! Thank God Almighty, I am free at last.

by illwill

Tuesday, January 4th, 2011 at 8:53 pm

That's right bitches, after 6 long retarded years being under the government's thumb for some bullshit charges, I am finally a free man!!!!
