Nowadays, in almost all my penetration testing projects, HP dataprotector has been the most vulnerable software installed. I thought of porting the same as a metasploit exploit module. Hence, I wrote exploit for Hp_dataprotector_cmdexec. I will try to describe my work step by step. The input for this was a working exploit-db code (HP Data Protector Remote Root Shell for Linux). The shell code when run normally will give a netcat shell. So here I start up: 1. Took a standard ...
Updated 04-10-2012 at 04:21 PM by sohil_garg
Introduction Voice over Internet Protocol (VoIP) has seen rapid implementation over the past few years. Most of the organizations which have implemented VoIP are either unaware or ignore the security issues with VoIP and its implementation. Like every other network, a VoIP network is also susceptible to abuse. In this article, I would discuss about various enumeration techniques followed by demonstration of few VoIP attacks. I deliberately will not go to protocol level details as ...
Introduction It is a useful social engineering tool by David (ReL1k). It can be used to perform a number of Social Engineering attacks with minimal effort. SET can be used with Metasploit to additionally perform metasploit's powerful post exploitation. This tool can be accessed through web interface or command line.Prominent Uses Gathering credentialsShell spawning by browser exploits Mass mailing of malicious payloads to spawn shells Shell using ...
Blog Categories
Recent Visitors
Archive
Go to Profile
Mark as Read