Hacking Jenkins Servers With No Password

Author: Royce Davis Posted In Penetration Testing Tutorials On: 2014/06/13 Comments: 3

Here’s a fun Jenkins trick I have been using on some recent information security assessments to gain an initial foothold. If you aren’t familiar with Jenkins, it listens by default on port 8080 and, also by default, has no password: authentication is simply not enabled out of the box (hurray!). According to their Wiki: “Jenkins is an award-winning application that monitors executions of repeated jobs, such as building a software project or jobs run by cron.”
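As an added example for this page (not code from the original post or from Royce Davis), here is a small Python check that tells an open Jenkins from a locked-down one before you spend time on it. It relies only on two documented Jenkins behaviours: every response carries an X-Jenkins header with the version string, and GET /api/json on the root returns the instance’s JSON model, including its job list, whenever the caller has read access. The host and port are whatever you are testing; the sample responses embedded in the block are constructed, not captured from a real server.

```python
"""Check whether a Jenkins instance answers its JSON API with no credentials.

Added example for this page; not code from the original post. It relies on two
documented Jenkins behaviours: every response carries an X-Jenkins header with
the version string, and GET /api/json returns the instance's JSON model (with a
"jobs" list) whenever the caller has read access.
"""
import json
import urllib.error
import urllib.request


def classify_jenkins_response(status, headers, body):
    """Classify one HTTP response to GET /api/json on a suspected Jenkins host.

    Returns:
      'not-jenkins'     no X-Jenkins header, so something else is on the port
      'unauthenticated' Jenkins returned its JSON model to an anonymous caller
      'auth-required'   Jenkins refused the anonymous caller (401/403)
      'unknown'         Jenkins, but an unexpected status or body
    """
    normalized = {name.lower(): value for name, value in headers.items()}
    if "x-jenkins" not in normalized:
        return "not-jenkins"
    if status in (401, 403):
        return "auth-required"
    if status == 200:
        try:
            data = json.loads(body)
        except ValueError:
            return "unknown"
        # An instance that hands its job list to an anonymous GET has no
        # authentication in front of it; that is the "no password" case.
        if isinstance(data, dict) and "jobs" in data:
            return "unauthenticated"
    return "unknown"


def probe_jenkins(host, port=8080, timeout=5):
    """Send an anonymous GET to http://host:port/api/json and classify the reply."""
    url = "http://%s:%d/api/json" % (host, port)
    request = urllib.request.Request(url, headers={"User-Agent": "jenkins-auth-check"})
    try:
        with urllib.request.urlopen(request, timeout=timeout) as response:
            body = response.read().decode("utf-8", "replace")
            return classify_jenkins_response(response.status, dict(response.headers), body)
    except urllib.error.HTTPError as err:
        # 401/403 arrive as HTTPError; the headers and body are still available.
        body = err.read().decode("utf-8", "replace")
        return classify_jenkins_response(err.code, dict(err.headers), body)


# Constructed sample responses (not captured from a real host) so the
# classifier can be exercised without a Jenkins server on the network.
SAMPLE_OPEN = (200, {"X-Jenkins": "1.565", "Content-Type": "application/json"},
               '{"nodeName": "", "jobs": [{"name": "nightly-build"}]}')
SAMPLE_LOCKED = (403, {"X-Jenkins": "1.565"}, "")
SAMPLE_OTHER = (200, {"Server": "nginx"}, "<html>not jenkins</html>")

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        # Real probe: python jenkins_check.py <host>
        print(sys.argv[1], probe_jenkins(sys.argv[1]))
    else:
        for sample in (SAMPLE_OPEN, SAMPLE_LOCKED, SAMPLE_OTHER):
            print(sample[0], classify_jenkins_response(*sample))
```

An ‘unauthenticated’ result only proves anonymous read. Whether the same anonymous user can also create or run jobs, which is the foothold the post is after, depends on the authorization strategy the administrator chose, so confirm that separately rather than assuming it from the API response.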


Phishing Frenzy: Increase Reporting Fu

Author: zeknox Posted In Phishing On: 2014/06/11 Comments: 2

Development of Phishing Frenzy (PF) continues, and new features keep being added. Many of the latest upgrades and email phishing features come from feedback I have received from the community. Thank you all for the great feedback regarding PF.

Recently PF was converted and upgraded to run the latest version of Bootstrap. Previously PF was running Bootstrap version 2 and was missing out on some of the newer Bootstrap features. The conversion was fairly long and painful, but the end result is very pleasing.



Thotcon 0x5 Phishing Frenzy

Author: zeknox Posted In Presentations On: 2014/05/15 No comments

As most of you already know, Thotcon, one of the premier security conferences, took place a couple of weeks ago in Chicago. I got the incredible opportunity to present on the main stage about Phishing Frenzy and show off some of the new features now available.

During the presentation at Thotcon, Adam Ringwood and I gave a live demo of the new features and executed a simulated email phishing attack. For those of you who missed it, I’ve summarized most of the details in this blog post.


Phishing Frenzy: Installing the Monster

Author: zeknox Posted In Phishing On: 2013/12/30 Comments: 9

If you’ve been following along with us, you’ve noticed we recently released a new software tool for penetration testers called Phishing Frenzy (PF). PF is a feature-rich Ruby on Rails application that helps manage your email phishing campaigns from creation and customization through execution.

Since the release of PF we have been making lots of changes to make your email phishing campaigns easier to manage. Some of the biggest changes you’ll notice when you check out the latest version are a new layout built on Bootstrap, a shiny new logo, and sending of emails in the background using Sidekiq.



Introducing Phishing Frenzy

Author: zeknox Posted In Phishing On: 2013/11/04 Comments: 7

A couple of weeks ago I presented at this year’s DerbyCon on an email phishing platform that I have been working on. The web application is geared towards penetration testers who want to streamline the creation and management of email phishing campaigns. The application is written in Ruby on Rails and is available for download from the GitHub repository: Phishing Frenzy.

For those of you who came out to my presentation, I appreciate you all getting up so early (Saturday 9am) to hear my talk. For those who missed it, I went over some of the features of Phishing Frenzy and launched a live phishing simulation. You can see the recording below thanks to Irongeek. If you’re looking to see just the demo, fast forward to 11:52.



PentestGeek Was At Derbycon 3.0 “All in The Family”

Author: Royce Davis Posted In Presentations On: 2013/10/24 No comments

Ok, so I know it isn’t exactly breaking news that DerbyCon 3.0 was awesome. Still, I wanted to take a moment to reach out to any of our readers living under a rock and let them know that last September the PentestGeek.com crew had an opportunity to represent at one of the coolest information security events of the year, DerbyCon!



Smbexec 2.0 released


We released smbexec version 2.0 a few days ago, and it comes with some rather large differences from previous versions. For one thing it was completely rewritten in Ruby; for another, it now supports multi-threading. While it still maintains all of the functionality of previous versions (remotely dumping hashes from systems or domain controllers, identifying where domain administrator credentials are in use, throwing around obfuscated Meterpreters, etc.), I wanted to highlight some of the larger changes and new features in this release.

For those who don’t know what smbexec is or haven’t used it before, there was a great DerbyCon 2013 presentation by Martin Bos (purehate) and Eric Milam (brav0hax), found here. The quick description is that smbexec is a tool that focuses on using native Windows functions and features for post-exploitation and expanding access on a network after you gain some credentials, whether that be a hash or a password for a local or domain account. It allows a pentester to quickly identify targets of interest and gain access to them across large networks without much need to worry about AV and UAC. You can grab the code at the PentestGeek GitHub repo.


PowerSploit: The Easiest Shell You’ll Ever Get

Author: Chris Campbell Posted In Penetration Testing Tutorials On: 2013/09/18 Comments: 4

Sometimes you just want a shell. You don’t want to worry about compiling a binary, testing it against antivirus, figuring out how to upload it to the box and finally execute it. Maybe you are giving a demo of an awesome new Meterpreter post-exploitation module. Maybe you have less than a minute of physical access to a Windows kiosk machine and need a quick win. There are plenty of scenarios that end in a penetration tester gaining GUI access to a target machine through guessed or found RDP, ESX or VNC credentials. In those situations, the easiest way to get a Meterpreter shell without worrying about AV is with PowerSploit.

PowerSploit is a collection of security-related modules and functions written in PowerShell. PowerSploit is already in both BackTrack and Kali, and its code is used by other awesome tools like SET, so you may already be using it! Many of the scripts in the project are extremely useful for post-exploitation in Windows environments. The PowerSploit project was started by Matt Graeber, who is the author of the function we will use in this tutorial: Invoke-Shellcode.



Pwn all the Sauce with Caller ID Spoofing

Author: zeknox Posted In Penetration Testing Tutorials On: 2013/05/01 No comments

If we’re going to perform some pretext phone calls, we have a few options when it comes to the caller ID. Really there are only three: we do nothing to the phone number, we block our phone number, or we spoof our phone number.

Doing nothing to the caller ID will sometimes work, depending on the area code you call from versus the area code your client is located in. In my experience, not blocking the number sometimes yields better results than blocking it. I always feel like users are more suspicious when the caller ID says ‘blocked’ or ‘unavailable’. Not only are they on heightened alert, but I feel they are less likely to even answer the phone, thinking it’s most likely a telemarketer.


