Blog Archives

DEP Bypass: Mini HTTPD Server 1.2

In my “Writing exploit on win32 from scratch: Mini HTTPD Server 1.2” blog post, I pointed out that we were working on a Windows XP SP3 box with no DEP (data execution prevention). That’s not real, Windows XP SP3 has DEP,

Posted in Exploiting, win32

From exploit to Metasploit: Mini HTTPD Server 1.2

This post explains how to convert our Mini HTTPD Server 1.2 exploit into a Metasploit module, gaining a lot of flexibility to choose our payloads and targets (once defined in the module, of course). Here there is an

Posted in Exploiting, Metasploit, python, win32

Mini HTTPD 1.2 Exploit writing from scratch.

Introduction It has been some time since I wrote my last post, because lately between work, trainings, conferences and some software development my “Free Time” suffered a “Buffer Overflow”. But hey, now I found some time and I decided to create the first

Posted in Exploiting, win32

Packet sniffing from Meterpreter

Continuing the post series about Meterpreter extensions, I’m going to show you how the “sniffer” extension works. This module lets you capture traffic from one network interface of the victim host and dump it to a “pcap” file on the

Posted in Metasploit, Meterpreter, Post-Exploitation, Sniffer

Mimikatz Meterpreter extension

During a PenTest, one of the main objectives of the PenTester once a Windows host is compromised is to obtain the user authentication hashes, in order to try to pivot to other systems on the target network using the “Pass The Hash” attack.

Posted in Metasploit, mimikatz, Post-Exploitation

Post-Exploitation with “Incognito”.

Incognito is a tool used to escalate privileges inside an Active Directory domain during the post-exploitation phase of a PenTest. It was born as a standalone tool, was later included in Metasploit as a module and finally it was

Posted in Incognito, Metasploit, Post-Exploitation

Bypass new generation Firewalls with meterpreter and ssh tunnels

In this post I’m going to show the main content of an article I published in Kali Linux 2 | Pentest Extra 05/2013. I hope you enjoy it. Introduction During a recent penetration test I found a Windows host running

Posted in Firewall, Metasploit, SSH

Welcome to my blog

With the new year I decided to go one step further and start posting in English as well as in Spanish. So this post is just to welcome all the new English readers. I hope the contents of this blog

Posted in No category