Practical Exploitation

Sep 23

Anonymous asked: more on ipv6! joe klein has an interesting presentation on the dojosec blog (july), what are you working on?

Will do. I’ll be showing off the THC tools in some coming videos

Anonymous asked: Thanks for doing this. Great job!
One thing - can you make the name of your postings match the title of the post. As it is, when I bookmark one, the name of the bookmark name is "Practical Exploitation" rather than the title of the post.
Thanks!
Keep up the great work!

Working on it. Thanks for the heads up!

Anonymous asked: Mubix, thx for all the precious knowledge and tech you share with us.
Lot of a videos i came a cross on net are about point to point attacks or similar, very simple demonstrations.
What i realy wanna see is a little bit complicated attacks with tunneling and proxy implementation on zombie host. And then attack vector thru zombie. Can u do some video about MSF and tunneling, proxy implementation>
Thx,

Definitely. I’ll work on getting it set up. Expect a bunch of videos starting in October.

Sep 07

Here goes. Do you know why spoonwep was dropped from Backtrack 4? Also is it easy to install?

@purehate_ could probably answer that question a lot better since he is a BT dev. Also, I’ve used spoonwep before but it’s been a while. I would expect it to be a pretty easy install.

Ask me anything

1+1

That inquiry is superior to my abilities of deduction. Please ask Wolfram Alpha.

Ask me anything

Sep 06

If you only had exactly 24 hours left to live, no matter what, what would you do?

Sit and talk with all of my closest friends and family.

Ask me anything

Aug 25

Hey Mubix! I was the guy who asked about CDC tool recommendations on Twitter for blue teams/defenders. Any strong suggestions there? Flint by Matasano looks wicked cool, but it turns out it’s ASA and PIX only.

My best suggestion for Blue Teamers in an event such as CCDC is teamwork and preparation. Nothing beats practice.

Ask me anything

Hello! I’m trying to find a free packer for my compiled program. The problem is that some AV software recognizes my app as a suspicious file, and I’d like them not to. My goal would is to pass all the virustotal tests. UPX does not help ;)

It really depends on what you want it to do. But definitely check out Polypack @ http://polypack.eecs.umich.edu/

Ask me anything

Have you ever run a portable version of spyware remover through logon scripts i have few machines infected with a nasty spyware and our anti virus does not have e updates to detect this virus at this moment so i was thinking to silently run & remove it

All *-ware removers are only halfway decent at their job, they try but it’s just too hard to keep up. So, normally I just reimage the machine. I keep pretty decent nLite scripts for each host I’ll need to set up.

Ask me anything

Hi Rob , this is a noob question How do i update metaspoilt on backtrack 4 ? can i get the command in doing so . .

Change directory into the “framework3” directory and run `svn up` that will update you to the latest SVN version. While this puts you on the cutting edge of updates to the framework, somethings may be broken, so always keep another copy of the framework a few revisions old.

Ask me anything