No Recent Activity
About sohil_garg

Basic Information


Total Posts
Total Posts
Posts Per Day
General Information
Last Activity
09-17-2012 02:57 PM
Join Date

1 Friend

  1. D4rk357 D4rk357 is offline

    Garage Member

Showing Friends 1 to 1 of 1
View sohil_garg's Blog

Recent Entries

HP DataProtector - Porting exploit to metasploit.

by sohil_garg on 04-10-2012 at 04:11 PM
Nowadays, in almost all my penetration testing projects, HP dataprotector has been the most vulnerable software installed.
I thought of porting the same as a metasploit exploit module. Hence, I wrote exploit for Hp_dataprotector_cmdexec. I will try to describe my work step by step. The input for this was a working exploit-db code (HP Data Protector Remote Root Shell for Linux). The shell code when run normally will give a netcat shell.
So here I start up:
1. Took a standard

Read More

Updated 04-10-2012 at 04:21 PM by sohil_garg


Enumerating and Breaking VoIP

by sohil_garg on 11-21-2011 at 02:19 PM

Voice over Internet Protocol (VoIP) has seen rapid implementation over the past few years. Most of the organizations which have implemented VoIP are either unaware or ignore the security issues with VoIP and its implementation. Like every other network, a VoIP network is also susceptible to abuse. In this article, I would discuss about various enumeration techniques followed by demonstration of few VoIP attacks. I deliberately will not go to protocol level details as

Read More


Social Engineering with SET

by sohil_garg on 09-01-2011 at 01:25 PM

It is a useful social engineering tool by David (ReL1k). It can be used to perform a number of Social Engineering attacks with minimal effort. SET can be used with Metasploit to additionally perform metasploit's powerful post exploitation. This tool can be accessed through web interface or command line.
Prominent Uses

  • Gathering credentials
  • Shell spawning by browser exploits
  • Mass mailing of malicious payloads to spawn shells
  • Shell using

Read More