August 2012
7 posts
Reference base class instead of relative one in...
Add ‘::’ before the class call - like this:
FIle.read(‘blah’) // references relative
::File.read(‘blah’) // references base class
Add a manual route to Ubuntu
ip route add 192.168.0.0/16 dev eth0
Windows 'Uptime'
net stats srv
look for “Statistics since” and thats your boot time.
What separates a cyber red team from most collections of cybersecurity experts...
– (via redteams)
pcaprub and metasploit
cd /pentest/exploits/framework3/external/pcaprub
ruby extconf.rb && make && make install
RM Sparrow cache (databases) to stop crashes
rm -rf ~/Library/Containers/com.sparrowmailapp.sparrow/Data/Library/Application\ Support/Sparrow/*.sparrowdb
Create a postgres db for metasploit's use
createdb metasploit -E UTF8 -T template0
July 2012
5 posts
Unicode GNU Screen
Using the Screen/Script mantra if you run into non-ascii machine you will be wishing you started screen with a -U
screen -U == unicode supported
Dump DNS requests with tshark
tshark -f “udp port 53” -R “dns.qry.type == A and dns.flags.response == 0”
src: http://unix.stackexchange.com/questions/27246/how-to-gather-dns-a-record-requests
Delete all IE cookies from the command line
RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2
You can use: RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 4351
to delete all, but Form Data, History, and Passwords could be useful ;-)
Creating Zombies with WCE
http://www.ampliasecurity.com/research/wcefaq.html#newntlm
C:\Users\test>wce.exe -s testuser:amplialabs:01FC5A6BE7BC6929AAD3B435B51404EE:0CB6948805F797BF2A82807973B89537 -c cmd.exe
And the ‘whoami’ will still give you ‘test’ as the current user, but any Network based auth will work using ‘testuser’ instead.
This requires Admin because it directly edits /...
Ignore joins and parts in a specific channel for...
/ignore -channels #ChannelName * JOINS PARTS QUITS NICKS
December 2011
5 posts
Switching gears...
When Google Reader decided to remove everything it was good for, we all scrambled to find new homes for things we wanted to share. Tumblr became a place that most of us flocked. I’ve found Tumblr to be not a very good substitue for Google Reader’s functionality (IMHO).
The other day, carnal0wnage told me about a service called ‘Buffer’, and all this thing does is do...
ShmooCon Epilogue →
ShmooCon 2012 FireTalks →
[Video] VulnImage - Manual Method →
Book: A Bug Hunter’s Diary →
November 2011
12 posts
[Site News] Vulnerable by Design (Part 3) →
WoW64 Egghunter →
Refreshed Windows System Call Table... →
Exploiting “Free Public WiFi” →
CardCase Tabs →
This is pretty awesome… It’ll be crazy to walk up a place, get what you need without ever opening your wallet. Scary a bit too
http://cognitivedissidents.wordpress.com/2011/11/01... →
HDMoore’s law
http://securityreliks.securegossip.com/2011/10/demo... →
AJAX Crawling Tool should definitely be something added to your tool belt.
Users click the attachment, use the 'secret... →
Engadget's SSD primer →
Everything you ever wanted to know about SSDs and the history of HDDs
Blog, Guides & Links →
g0tmi1k’s list of great resources
Autocomplete..again?! →
August 2010
1 post
Chia-Obama "I approve this message" Edition:
Posted via email from mubix’s posterous | Comment »
July 2010
1 post
Bitblaze talk w/ @charliemiller - #blackhat
Posted via email from mubix’s posterous | Comment »
April 2010
7 posts
{links} DAVTest and CMS Explorer http://bit.ly/9EAAKm
{blog} Vuln Disclosure Summarized http://bit.ly/aYQlei
{links} Extracting Files from PCAPs http://bit.ly/cQZ6pZ
{links} .HTACCESS Generator http://bit.ly/cn490L
{links} Apache Scalper http://bit.ly/a1vIwY
{links} Flint http://bit.ly/ctS35P
{blog} Metasploit Cyberwarfare http://bit.ly/d8yyv6
March 2010
9 posts
{links} Backtweets - Twitter Link Search http://bit.ly/8Xs4Gp
{links} “BAD” domain lists http://bit.ly/bxZefV
{links} Alexa’s Top 1 million domains http://bit.ly/9t0NBO
{links} Winsock Programming http://bit.ly/bYnUJk
{links} Shellcoding for Windows and Linux http://bit.ly/dap7JM
{links} Search Modules for Security Folk http://bit.ly/btpOMK
{links} Ubuntu Packages Search http://bit.ly/auK5DT
{links} HD Moore at 17 http://bit.ly/a5tLa0
{links} CSPP http://bit.ly/coMSlL
February 2010
4 posts
{blog} Practical Exploitation http://bit.ly/c1Pia2
{links} Mini Metasploit http://bit.ly/9QNc9y
{links} Web App Sec Pro’s Daily Crossword http://bit.ly/cGG4Oq