tag:blogger.com,1999:blog-422477430134849438.comments2017-09-03T06:52:32.497-07:00Netragard's SNOsoft Research TeamAdriel Desautelshttp://www.blogger.com/profile/16119732948300414743noreply@blogger.comBlogger185125tag:blogger.com,1999:blog-422477430134849438.post-63396169206100621682011-09-16T18:16:07.218-07:002011-09-16T18:16:07.218-07:00One thing I would say is that there is a relativel...One thing I would say is that there is a relatively easy way on WAP's to secure the traffic. No one has talked about putting the WAP in to AP Isolation mode. By doing that and then giving WPA2 you effectively offer a much greater security (not perfect or even great) than what is currently in place. With the WAP in Isolation mode its not going to allow the lateral traffic between the users at all, period the end.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-55071775747517185222011-09-07T15:42:01.722-07:002011-09-07T15:42:01.722-07:00Does facebook allow you to violate their tos for t...Does facebook allow you to violate their tos for the pen test?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-15772077693343896952011-08-04T00:07:58.575-07:002011-08-04T00:07:58.575-07:00That is a really good bit of information you have ...That is a really good bit of information you have written up there, I really think you have a nice site here. Thanks bud.house paintinghttp://www.paintingservicesinfo.com.aunoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-8028452356795501032011-06-29T01:35:01.466-07:002011-06-29T01:35:01.466-07:00Extremely nice idea, even though I think the C Arr...Extremely nice idea, even though I think the C Array meterpreter stuff is not necessary to evade AV concerning meterpreter or any MSF payload ;-)Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-91027008253645374922011-04-12T03:05:45.495-07:002011-04-12T03:05:45.495-07:00That's why many airlines still doubt about thi...That's why many airlines still doubt about this new technology. Even though there's a huge benefits for them and for their passengers, still many prioritize the safetiness of their clients.InFlight Wi-Fihttp://www.inflightmessenger.comnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-63611607559852637842011-03-17T05:10:57.966-07:002011-03-17T05:10:57.966-07:00Sweden is not Switzerland. Americans...
Otherwise ...Sweden is not Switzerland. Americans...<br />Otherwise this is a really good article though.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-53618774207848162682011-03-01T00:08:35.307-08:002011-03-01T00:08:35.307-08:00*brakes*brakesAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-40991707575717580982011-02-14T19:01:48.712-08:002011-02-14T19:01:48.712-08:00Interesting ArticleInteresting ArticleEthical Hackers Communityhttp://www.breakthesecurity.comnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-40972906795256053262011-01-27T17:03:41.576-08:002011-01-27T17:03:41.576-08:00Yep, apparently we challenge our spelling as well....Yep, apparently we challenge our spelling as well. That's a wacky mistake there...Adriel Desautelshttps://www.blogger.com/profile/16119732948300414743noreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-6075194072823754392011-01-27T15:49:33.012-08:002011-01-27T15:49:33.012-08:00We challenge your spelling ;) Compliance :)We challenge your spelling ;) Compliance :)Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-36222069950883519702010-05-26T17:55:37.474-07:002010-05-26T17:55:37.474-07:00LOL - well done. I am going to mention this in my ...LOL - well done. I am going to mention this in my class.Bernienoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-18560454021021042562010-05-25T08:40:06.602-07:002010-05-25T08:40:06.602-07:00nice! - great read, well done guys!nice! - great read, well done guys!Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-67131679987839720312010-05-21T04:49:53.028-07:002010-05-21T04:49:53.028-07:00Excellent write-up! WAFs are a useful crutch, but...Excellent write-up! WAFs are a useful crutch, but aren't a substitute for good coding practices and QA.Steve Werbyhttp://justifiableparanoia.com/blog/noreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-72212127315176403632010-05-20T05:33:14.429-07:002010-05-20T05:33:14.429-07:00This indeed is a good write-up. I have a question ...This indeed is a good write-up. I have a question though - Why did you guys not use xp_Ping instead of the normal ping?Blackhttp://www.pentestit.comnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-31535867451528461742010-05-17T08:59:11.770-07:002010-05-17T08:59:11.770-07:00Ha! Very clever indeed. I commend your creativity!...Ha! Very clever indeed. I commend your creativity!<br /><br />Yet another nail in the coffin for signature-based attack blocking.Dan Crowleyhttp://www.coresecurity.comnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-12401683035570151562010-05-07T14:39:08.096-07:002010-05-07T14:39:08.096-07:00can you help me hack a bank? or can you do it for ...can you help me hack a bank? or can you do it for me ???Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-63365519686602929372010-05-05T11:29:06.544-07:002010-05-05T11:29:06.544-07:00Everybody knows that the tools won't produce h...Everybody knows that the tools won't produce high quality output but everybody also knows that they aren't designed to do that.<br /><a href="http://www.purplepatchservices.com/" rel="nofollow">Dallas web design company</a>Unknownhttps://www.blogger.com/profile/16517796532057869735noreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-70255229662976890452010-05-01T17:02:22.484-07:002010-05-01T17:02:22.484-07:00Robert Bannerjee said...
3 Questions :
1)&qu...Robert Bannerjee said...<br /><br /> 3 Questions :<br /><br />1)"send that PDF document to the bank’s AR/AP department from the banks trusted IT Services provider."<br /><br />Did you fake mail ?? wasn't it stopped by their spam filters in place ?<br /><br />Yes we faked the email.<br /><br />2)For AV evasion checking did u do virustotal ? OR check locally ?<br /><br />Checked locally using he same AV scanner (and yes they used the same one for the server too, but that's since changed for obvious reasons). <br /><br />3)In your experience as a pentester how often<br />has pdf-embedded-exploit (as a matter of fact any email vector) worked ? Any statistical data would be helpful :D<br /><br />The short answer is that it depends. Every target is unique and every customer has a different network. We've used email based attacks in a variety of ways with great success (and some failure). In fact, we even exploited a vulnerable AV scanner at one point. ;)Adriel Desautelshttps://www.blogger.com/profile/16119732948300414743noreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-21156591364899353342010-05-01T16:56:22.776-07:002010-05-01T16:56:22.776-07:00In response to beloved LonerVamp
---------
My is...In response to beloved LonerVamp<br /><br />---------<br /><br />My issue with automated tools isn't really an issue with the tools as much as it is an issue with the people/vendors using them improperly. <br /><br />Everybody knows that the tools won't produce high quality output (when compared to the results produced by a true expert), but everybody also knows that they aren't designed to do that. <br /><br />Automated tools are designed to make testing efficient, to identify low hanging fruit, and to reduce cost. They are designed to assist security professionals with testing or to help IT people maintain their networks. Use them right, and they are awesome. <br /><br />What really gets under my skin is when a security vendor produces a report that is the direct product of an automated tool and tells the end customer that its the product of talent and expertise. That happens all too often.Adriel Desautelshttps://www.blogger.com/profile/16119732948300414743noreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-16922403298661747112010-05-01T16:02:16.252-07:002010-05-01T16:02:16.252-07:00In response to: April 28, 2010 2:37 PM
----------...In response to: April 28, 2010 2:37 PM<br /><br />----------------------<br /><br />I agree that there's nothing unorthodox about using metasploit and its respective PDF functionality. But if you're saying that our methodology is Standard then I challenge you to prove it.Adriel Desautelshttps://www.blogger.com/profile/16119732948300414743noreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-15032772109897352522010-04-30T18:19:20.655-07:002010-04-30T18:19:20.655-07:00Thank you for providing a very clear writeup of yo...Thank you for providing a very clear writeup of your work. Despite another commenter saying this is SOP, not many other people blog so straightforwardly as this. And thanks to your client for being understanding about your communications :) Everyone has to deal with this!Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-19910625260001538962010-04-30T12:55:04.896-07:002010-04-30T12:55:04.896-07:00Very well written. Nice entry :)Very well written. Nice entry :)Sergiohttps://www.blogger.com/profile/17090961257870702519noreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-59801388035305914992010-04-30T06:54:56.810-07:002010-04-30T06:54:56.810-07:00Also good write up on a "pen-test" altho...Also good write up on a "pen-test" although you left out some important information, namely. How did you determine the scope and boundaries of the assessment, How did you package the results to the client? Did they include risks or prioritization? How did the client respond? How were you asked to assist going forward? A pen-test is of absolutely no value if the appropriate root-causes and follow-up actions identified and reported.<br /><br />Thanks!Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-49882040960754678762010-04-29T15:37:36.875-07:002010-04-29T15:37:36.875-07:00Wow, thanks for the response and comments. I'...Wow, thanks for the response and comments. I'm not going to be able to reply to all of these comments because I do have to work too. ;) I will try to address a few in the near future.Adriel Desautelshttps://www.blogger.com/profile/16119732948300414743noreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-38568844370220713532010-04-29T03:17:54.236-07:002010-04-29T03:17:54.236-07:00Very good story, enjoyable read. Highlights how mu...Very good story, enjoyable read. Highlights how much easier nowadays it is to get the client to do the hard work for us and move on from there.-Sie-noreply@blogger.com