Posts made in November, 2012

Automatic Nmap Installation

Okay, so lately we got a new Nmap version, 6.25, which has better support in detecting Windows 7 services and Windows 8. For the full changelog at Nmap you can click here. Now, since it has not been pushed to the repository, and for now it can be updated only via Subversion, we built this for you. This will detect the local Nmap version and the latest Nmap version and will download the tarball, decompress it...

NTLM for Linux

So, got caught up with a little project with my students. Trying to make an improved version of ‘combina’ which will also be able to output NTLM hashes and a bit more. Could not find a normal NTLM C lib in Linux, so took an old C++ script whose original writer I could not find (so if someone can locate them, that would be handy and nice), and changed it a bit. Now it’s in C...

The Internet and Governments

Background (preferably don’t skip this part): The internet has changed our lives. The change is not yet over nor close to being over, but from being the 56k dial-up modems of large entities and IT-savvy people (politically correct word for geeks) it has spread to every 14-yo teenager’s iPhone. The Internet has become a part of our basic infrastructure, such as water, electricity and sewer systems....

NTDS Privilege Escalation

Okay, so let’s assume you just hijacked a machine inside a network. You don’t have time to enable the keylogger function in meterpreter since you really need to get some network credentials right now. Lucky for us, Windows stores those temporary credentials. What we do most of the time is try to get the SAM hash dump and try to crack passwords. But those are just for local users. Sure, in...

combina

So, combina is a program built to generate word lists and rainbow tables very efficiently and exactly for your purpose. This program works on all Debian machines we have encountered (Ubuntu 10.04, Ubuntu 12.04, Ubuntu 12.10, all in 32-bit and 64-bit). If anyone knows of something else, please contact us. In any case, here is a little script to install it for you, including the dependencies....
