Thursday, May 3, 2012

Security and Attacking Seminar with Onno W. Purbo

Yay, finally Mr. Onno W. Purbo will come to my university to give a seminar about Information Security. Mr Onno W. Purbo is a well known IT Expert in Indonesia. He is an expert that can make something about IT that actually is difficult to be understood become very-very easy to be understood even for beginners. More interesting thing, anything he is talking is about OpenSource. I can say that he's the father of OpenSource in Indonesia. More info about Mr. Onno W. Purbo can be found in wikipedia.


Wednesday, May 2, 2012

Hex Generator

Finding bad character when developing an exploit is important to make the exploit works properly as we want. In my post about searching bad character I used a perl script to generate a series of hex character start from 00 to FF. Here's other script used to generate it. I found the script at this site. It is written in python language.

Download here.

Script:
#HEX Generator
#http://www.digital-echidna.org
#0x04112011

def gene():
        c=0
        x=0
        hslgen='"'
        while x <= 255:
          hslhex=hex(x)
          if c == 16:
            hslgen=hslgen+'"\n"'
            c=0
          if x <= 16:
            hslgen=hslgen.replace('0x','\\x0')
          hslgen=hslgen+hslhex
          x+=1
          c+=1

        print "\n#Generated with dE HEX Generator"
        print "#http://www.digital-echidna.org\n"
        print hslgen.replace('0x','\\x')+'"\n'

if __name__ == "__main__":
        gene()
"the quieter you become, the more you are able to hear.."

Tuesday, May 1, 2012

Metasploit ~ Upgrade Command Shell into Meterpreter

As I said in my post about meterpreter. It is an advanced payload that can do a lot of advanced task after a system is exploited. But why if we can only get a normal command shell after exploitation? Its rather difficult of course to do the post exploitation step. But that doesn't matter now, because one of the newer features in the Metasploit Framework is its ability to upgrade a command shell payload to a Meterpreter shell payload once the sytem has been exploited. This can be done by issuing "sessions -u <selected session>". This is usefull if we use a command shell payload as an initial stager and then find that this newly exploited system would make the perfect launching pad for further attacks.

Ok, let get started. I'll use a metasploit console version and the system that will be exploited is a Windows XP SP3 machine in my Virtualbox.