Friday, June 24, 2011
You can catch him on Twitter as well: @cktricky
Thursday, June 23, 2011
and of course iKat
So recently I had to break out of a restricted Citrix environment. All I had was Excel 2010 and Word 2010.
I also didn't have a fancy "jump to url" option when I clicked on the title bar, and none of the hot keys were working for me. So the goal was to get a web browser or cmd shell.
I was able to create macros though. So first I added the developers ribbon.
The macro code
Sub LaunchCmd()
    ' Execute an EXE file (the macro name is arbitrary)
    Shell "CMD /K C:\windows\system32\cmd.exe", vbNormalFocus
End Sub
You could also just type a URL into Excel...
and click it... But that's pretty low tech and not much fun :-)
Again, this IE browser is running remotely on the Citrix host. From here you can client-side exploit yourself... i.e. Java applet exploit... to get your outbound shell.
Sunday, June 19, 2011
Course Description & Instructor Information:
Strategic Security has teamed up with Net-Square to provide the most comprehensive exploit development course package available to the public. Occasionally similar courses are offered privately to various three letter agencies and large financial institutions.
Exploit development is often considered the most difficult area of focus in the entire field of IT security. It requires both a broad range of skills and a deep level of knowledge in Networking, Operating Systems, and Programming. Now you too can learn what has long been thought to be "Black Magic" by many from one of the top practitioners and trainers in the world.
How is this course put together?
The course is actually a 2-week package deal designed to both teach the fundamentals of modern exploit development and give the student ample guided practice time with the instructor to actually get proficient.
Exploit Dev: No Assembly Required Oct 31 - 4 Nov 2011 (5 Days)
Exploit Dev: Target Practice Nov 7 - 11 2011 (5 Days)
The workshops will be held at "The Academy of Computer Education" in Greenbelt, MD.
The address is:
7833 Walker Drive, Suite 520C Greenbelt, Maryland 20770
$1000 Discount by using these links
Exploit Dev 1 Week @ $5,000
Exploit Dev 1 Week @ $6,000
Exploit Dev 2 Week Package Deal @ 8,500
Wednesday, June 15, 2011
Enjoy it, mate ;-)
Friday, June 3, 2011
Consider we've made the following requests:
Most folks would agree that the request with a parameter of accountid warrants some manual analysis. On a larger scale (think thousands of requests), this can be tedious to search and then send to Intruder or Repeater. So the idea is that we have a keyword list to help speed things up: when a match is found, an alert is sent to Burp and the request is sent over to Repeater & Intruder for manual analysis.
As of now the keyword list in wXf isn't huge but I plan on adding to it over the next few days. If you'd like to utilize GitHub's fork/edit/merge function to contribute interesting parameter names please fork the following file.
If you have a personal keyword list that you'd like to use privately that is okay too. The video shows you how to add a file under the datum directory and reload the list of "lfiles" (files under the datum directory).
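The keyword triage described above, as an added Ruby example (not wXf's own code and not from the original post). The keyword list, the sample requests and all function names are constructed for illustration, and the optional second argument to triage stands in for a private keyword list.

```ruby
require 'uri'

# Constructed keyword list (assumption): not the list shipped with wXf.
KEYWORDS = %w[account user role admin file path redirect token id uid].freeze

# Constructed sample requests; bodies are assumed to be form-encoded.
REQUESTS = [
  { method: 'GET',  url: 'http://app.example/index.php?page=home' },
  { method: 'GET',  url: 'http://app.example/view.php?accountid=1042&lang=en' },
  { method: 'POST', url: 'http://app.example/search', body: 'q=shoes&sort=asc' },
  { method: 'POST', url: 'http://app.example/export', body: 'fmt=csv&File_Name=report' },
  { method: 'GET',  url: 'http://app.example/watch.php?video=12' }
].freeze

# Split a name into lowercase tokens: user_id, userId, user[id] -> ["user", "id"].
def tokens(name)
  name.gsub(/([a-z0-9])([A-Z])/, '\1 \2').downcase.split(/[^a-z0-9]+/).reject(&:empty?)
end

# Long keywords match as substrings; short ones (under 4 chars) must be a
# whole token, so "id" flags userId but not video.
def keyword_hits(name, keywords = KEYWORDS)
  lower = name.downcase
  toks = tokens(name)
  keywords.select { |kw| kw.length >= 4 ? lower.include?(kw) : toks.include?(kw) }
end

# Parameter names from the query string and the form body.
def param_names(req)
  query = URI.parse(req[:url]).query
  pairs = URI.decode_www_form(query.to_s) + URI.decode_www_form(req[:body].to_s)
  pairs.map(&:first).uniq
end

# Return only the requests worth a manual look, with the names that matched.
def triage(requests, keywords = KEYWORDS)
  requests.each_with_object([]) do |req, flagged|
    hits = param_names(req).each_with_object({}) do |name, h|
      matched = keyword_hits(name, keywords)
      h[name] = matched unless matched.empty?
    end
    flagged << req.merge(hits: hits) unless hits.empty?
  end
end

triage(REQUESTS).each { |r| puts "#{r[:method]} #{r[:url]} -> #{r[:hits]}" }
```

The whole-token rule for short keywords is what keeps a list containing "id" from flagging every parameter that merely contains those two letters.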
Don't forget that if you have questions on usage, installation or anything else, we've provided documentation here.
Lastly, here is the video: