illmob

Like clockwork , the new 0day has been added to metasploit. eromang was quick to record a demo of the exploit in action http://eromang.zataz.com

---

Spotted in the wild, reports are still coming in.
malware.dontneedcoffee.com
The files
blog.spiderlabs.com
decrypted java source

---

mimikatz now supports saved domain credentials dumping (task scheduler included) also visit site in chrome unless you manually want to translate it. blog.gentilkiwi.com

---

Sorry for the downtime, had some noobs trying to own the site, finding that they couldn’t do shit but ddos the site. So we switched to a better server and fixed a few things. Better luck next time clowns.

---

perl script can be used to unlock apache tomcat servers
remotely by using the collected login combinations.
Tt will retrieve either a ROOT or SYSTEM reverse shell depending on the operating system. More info

---

Dumps login cleartext passwords stored by Windows Digest Auth pkg. Download it ::HERE::

---

Went to Derbycon last week and it was awesome. The people were all great and it wasn’t a scenewhore con like Defcon. Also I got a shout-out during Mubix & carnal0wnage’s talk @ 49:07 🙂

---

We are about 20 hours in for our fundraiser for Childs Play Charity we will be playing all the Nintendo Mario Brothers series from start to finish. We are just under $1000 donated of our $3000 goal. If you have a dollar or two to spare please help out. It’s for a really great cause. For more info: http://nesit.net/marathon/ Watch us play live and donate 🙂 If anyone is in the area feel free to stop down and play a few levels 🙂

---

The illmob krew is heading out to Vegas for Defcon, See ya there!!!

---

Just finished my 2nd module for metasploit in time to go to Defcon. This one will search the Documents directory for all *.rdp files and output the host,user,password to your meterpreter session. Check it out ::HERE::

---