Brandon McCann Archives - Page 2 of 2 - Pentest Geek

Search Results For ""

Recover Spark IM Stored Passwords with Metasploit

Recover Spark IM Stored Passwords with Metasploit

Metasploit Module [1]

I recently added a post exploit module to the metasploit framework. The module will extract and decrypt passwords that are stored by the Spark Instant Messenger client. The passwords are stored in a file on the local HDD (spark.properties) using Triple DES encryption. This sounds all fine and dandy, but this all goes out the door when they hardcoded the key and made it publicly documented.

The vulnerability isn’t that new since it was documented by Adam Caudill back in July 2012 when he disclosed the details and PoC code in .net that illustrates how the attack can be completed.  Mubix recently submitted a  request to add this post exploit module into the framework. Well, SmilingRacoon and myself decided to answer the call and work up a module to accomplish this task.

Read More


NetLM Downgrade Attacks with Metasploit

NetLM Downgrade Attacks with Metasploit

Metasploit Module [1]

Recently I added a post exploit module to the metasploit framework  that will help automate the NetLM Downgrade attack.  If you are not familiar with the  attack, I highly suggest you read the following article by Dave Howard before continuing.

The purpose of this article is not to describe the NetLM attack, but rather demonstrate how the post exploit module functions and how it can save  time on a pentest or even get you that next step in order to take over the network.

Read More


Find Local Admin with Metasploit

Find Local Admin with Metasploit

Metasploit Module [1]

When conducting email phishing engagements I often run into situations where I gain a meterpreter session on the internal network, but I don’t have local admin privileges. Often times many penetration testers give up on the assessment because they have already illustrated access to the internal network and consider that adequate on an external engagement. I like to go that extra mile and really make an impact by showing what a malicious user can do once inside.

I feel many penetration testers ignore the fact that a user executed the payload. A user that is most likely part of a domain, and may have access to many additional resources on the internal network that we wouldn’t otherwise have access to.

Read More


Share This

Recent Posts

Subscribe To Our Mailing List

The Ultimate Burp Suite Training Program

Learn Network Penetration Testing

Penetration Testing

Categories

Metasploit

Web Application Hacking


Brandon McCann

Copyright 2024

css.php