User Account Control Data Redirection


Familiarizing your applications with UAC has become an important piece of information for my future projects. Data redirection is when Windows redirects the data your application writes to a different directory called VirtualStore. That is roughly the idea; for more, please visit the article linked below.

Source: http://windowsteamblog.com/windows/b/developers/archive/2009/08/04/user-account-control-data-redirection.aspx

Escalating UAC privileges in C / C++ applications using Visual Studio


To set this linker option in the Visual Studio development environment

  1. Open the project’s Property Pages dialog box. For details, see How to: Open Project Property Pages.
  2. Expand the Configuration Properties node.
  3. Expand the Linker node.
  4. Select the Manifest File property page.
  5. Modify the Enable User Account Control (UAC), UAC Execution Level, and UAC Bypass UI Protection properties.

To set this linker option programmatically

Source: http://msdn.microsoft.com/en-us/library/bb384691.aspx

Armitage | Beyond Metasploit


You might want to consider using Armitage as your primary arsenal apart from using Metasploit’s msfconsole or msfgui.

What Is Armitage

Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework.

Setting up Karmetasploit in Ubuntu 10.10


This is an old post that I never wrote up after saving the draft on the link that teaches how to run Karmetasploit. Basically, what we will be doing in this post is running the Karmetasploit module and sniffing cookies into our database. In this post, we will look into the commands we type until we are able to sniff cookies using Karmetasploit.

Steal cookies, use or eat them?


Upon researching how to run Karmetasploit on my laptop, my next finding is to figure out how to use these cookies. I haven’t got any answers, but here is some data relevant to my findings.

1.) http://www.offensive-security.com/metasploit-unleashed/Karmetasploit_Attack_Analysis
2.) http://www.linuxweblog.com/postgresql-reference
3.) http://www.youtube.com/watch?v=hL3H70jcSEo

Upgrading Ubuntu 10.10 Kernel to 2.6.37.6


I was trying to run airbase-ng on my laptop’s Ubuntu 10.10 but I realized that it has problems: (1.) the created Access Point could not be accessed and (2.) the Access Point is created on channel 255, which is out of range. I had to start searching for a solution. My early findings told me that it had something to do with the network driver. My laptop runs on bcm4311 and I found out that it may have something to do with MadWifi, so I thought I needed an Atheros. This morning I tried firing up my laptop in BackTrack 4 and ran airbase-ng. My iPod caught the Access Point immediately. At this point, I knew that something must be wrong with Ubuntu, so I continued searching.

I then found out from the internet that it could be my kernel version that is causing the problem, and here I am, updating my Ubuntu from the default kernel 2.6.35-22-generic to 2.6.37.6. Whether or not airbase-ng is going to work now I am still not sure; I will be updating this. It works.


KARMA + Metasploit Framework 3 == Karmetasploit


Background

In 2004 Dino Dai Zovi and Shane Macaulay presented All Your Layer Are Belong To Us at PacSec in Tokyo. This presentation focused on the insecure behavior of wireless clients. Accompanying the presentation was a tool called KARMA (KARMA Attacks Radioed Machines Automatically). This tool acts as a wireless access point and responds to all probe requests from wireless clients. Once a client has associated with the KARMA access point, every service they try to access leads to a malicious application. The services side of KARMA was written in Ruby, making it a perfect match for integration with version 3 of the Metasploit Framework.
