Royce Archives - Pentest Geek

Hacking Jenkins Servers With No Password

Here’s a fun Jenkins trick I have been using on some recent Information Security Assessments to gain an initial foothold. If you aren’t familiar with hacking Jenkins servers, Jenkins runs by default on port 8080 and, also by default, has no password (Hurray!). According to their Wiki: “Jenkins is an award-winning application that monitors executions of repeated jobs, such as building a software project or jobs run by cron.” Here is what Jenkins looks like.


Finding Logged In Users – Metasploit Module

Sometimes during an Information Security Assessment I find myself spending a fair amount of effort locating a server or workstation with a specific user logged into it. This could be because I am searching for a box with a Domain Admin, or maybe my engagement has a CTF-style scope that requires me to find a single user logged into a large enterprise domain.

Whatever the reason, this process can sometimes take a long time, especially on a sizable network. Like most security auditors, I’m not a big fan of doing the same thing over and over again, so I decided to build a tool to help automate this process.

First we query HKEY_USERS to find out how many legitimate SIDs are currently logged in. We should see an output similar to this.



Jigsaw.rb Now With SQLite3 Database Support

Get The Code:
https://github.com/pentestgeek/jigsaw/tree/dev

This is just a quick post to highlight some of the new features added to the developmental branch of Jigsaw with SQLite3 support. In order to use this tool you’ll need to first install the ‘sqlite3-ruby’ gem. I do all of my Ruby development using version 1.9.2 installed via RVM, so I recommend a similar environment, because in my experience installing gems can be tricky when not using RVM.

    $ gem install sqlite3-ruby

The help menu says that you can write to a database instead of a CSV file by using the -D option and specifying the name of the .db file you want to output to.


Email Address Harvesting

Introduction
Harvesting email addresses is a common part of any external penetration test. Several tools, easily found with a simple Google search, can greatly decrease the amount of time spent combing through search engine results.

I have recently released a new tool into the BackTrack Linux penetration testing distribution that has proven useful on many of my external gigs.

Introducing Jigsaw. Jigsaw is a simple ruby script that searches www.jigsaw.com for employee records and crafts email addresses based on first and last name entries pulled down from their website.


Enumerating URLs from IP Addresses Using Bing’s Search API

Hey guys, just a quick post here. I wanted to share with you a simple Ruby script I wrote that identifies web server URLs (if any) from a specified list of IP addresses. I wrote this script for a recent Information Security Assessment where my client was unaware of all the URLs that were pointing to their external infrastructure (it happens more than you would think…) and provided me with only a list of IPs.

The script uses Bing’s Search API as well as the rbing Ruby gem, which has some pretty self-explanatory usage examples on the GitHub repository. Literally all it does is run the search ip:ipaddress for every host in the specified input file.

Run the script without any arguments or view the source code below for proper syntax and usage. Not much else to say about this tiny little guy except that it proved to be quite useful during my last pen test. Hopefully someone else will find it handy too. As always, code improvement suggestions are more than welcome.

