0

Ubuntu LTS gets 5 years of patches. I don't dare dist-upgrading in production though, but 5 years is long enough for a rebuild once in a while.

1
  • Google Chrome post exploitation modules
  • Solaris 10 x86 recommended patch cluster skype
  • Afterfall insanity patch 2.01 skype
  • Tdu2 unofficial patch 0.3 skype
  • Solaris 10 patch cluster
  • Worldshift patch 1.0.9 skype
  • Pesedit 2020 patch 1.0 skype
  • Solaris 10 patch cluster firefox
  • Cs source patch v20 skype
  • The pumpkin patch parable skype

This module will download OS X Airport Wireless preferences from the victim machine. The preferences file (which is a plist) contains information such as: SSID, Channels, Security Type, Password ID, etc.

2

Logs all keyboard events except cmd-keys and GUI password input. Keylogs are transferred between client/server in chunks every SYNCWAIT seconds for reliability.

Multiplatform post exploitation modules

Over a period of time, FreeSwitch has brought a huge revolution in the communication sector by enabling the digital transformation from ordinary telecom switches to a versatile software execution that runs on any commodity hardware. The FreeSwitch development services can help businesses to route and interconnect communication protocol with the outside world. Besides, FreeSwitch can be scaled to any size as per the needs and requirements of businesses.

3

Some quick background for the unfamiliar; SSH stands for Secure SHell, and it permits making encrypted connections into other computers over a network or the broader internet. You can use the SSH client in Mac OS to connect to any other machine with an SSH server running, whether it’s on another Mac with Mac OS X, linux, unix, or Windows computer does not matter, as long as it has an SSH server running it and you have credentials, it can be connected to securely.

Almost every week we develop new check plug-ins. You might have to update Checkmk in order to be able to use them.

4

New Generation Enterprise Linux Mounting HGFS shares: error on booting Linux on VM? Comments Feed

This module attempts to upgrade a command shell to meterpreter. The shell platform is automatically detected and the best version of meterpreter for the target is selected.

This module will execute the BloodHound C# Ingestor (aka SharpHound) to gather sessions, local admin, domain trusts and more. With this information BloodHound will be able to identify attack paths that could lead to compromise of the Active Directory environment.

5

This module will enumerate the Microsoft Credential Store and decrypt the credentials. This module can only access credentials created by the user the process is running as. It cannot decrypt Domain Network Passwords, but will display the username and location.

I swear, Skype (https://yamamotonight-m.ru/hack/?patch=1724) for Business took us more effort to setup than any other MS product. It wants so many damn servers, all separate. Good thing we are finally (mostly) virtualized now and have enough CPU/RAM/storage to spin up VMs instead of screwing with hardware.

6

By the way if you want to allow someone else to remotely SSH into YOUR Mac, you’d need to setup the native SSH server on your Mac (easy as described here) and then you’d want to add a new user account to the Mac for that person, never share your own login and password with anyone else. Keep in mind if you give someone SSH access to your Mac with an admin account, you are giving them full access to your computer, all files, apps, activity, logs, and everything else, representing complete and total remote access to the computer. The command line has a huge number of commands available and is more powerful than the familiar graphical interface (GUI) we all know and love, so you probably do not want to allow for this randomly. Anything you can do at the command line can be done through ssh, assuming appropriate user privileges – this is why it’s so widely used for systems administration and by advanced users, and much less relevant to neophytes and the less technically inclined. If you want to give someone remote access for troubleshooting purposes and you’re a novice, a better approach is to use screen sharing instead.

So, cracked into the other (failover) switch, and did more sleuthing. Turns out, there are precisely ten ports (and they matched with the first switch before I cleared them) on VLAN37. There's a VLAN36 with nothing on it. And VLAN1 with everything left over as Untagged.

7

This module send probe requests through the wlan interface. The ESSID field will be use to set a custom message.

This module attempts to determine whether the system is running inside of a container. It supports detection of Docker, LXC, and systemd nspawn.

8

Sudheer Kumar Vasamsetti conducts classes in Amazon Web Services, CCNA Training and Computer Course. Sudheer is located in Moosapet, Hyderabad. Sudheer takes at students Home, Regular Classes- at his Home and Online Classes- via online medium. He has 12 years of teaching experience.

This module collects the hostnames and private keys of any TOR Hidden Services running on the target machine. Root permissions are required to read all Hidden Service directories, which are usually owned by a separate account.

9

For an alphabetical list please refer to the List of check plug-ins

This module attempts to enumerate containers on the target machine and optionally run a command on each active container found. Currently it supports Docker, LXC and RKT.

Specify whether or not you want to enable IPv6, the next generation Internet Protocol, on this network interface. Enabling IPv6 will have no effect if this machine is not on a network that provides IPv6 service. IPv4 service will not be affected if IPv6 is enabled.

10

This module allows reading and searching email messages from the local Outlook installation using PowerShell. Please note that this module is manipulating the victims keyboard/mouse. If a victim is active on the target system, he/she may notice it.

What's New in Release 11.0

This module enables the Remote Desktop Service (RDP). It provides the options to create an account and configure it to be a member of the Local Administrators and Remote Desktop Users group. It can also forward the target’s port 3389/tcp.

11

Sqoop Connectors are used to transfer data between Apache Hadoop systems and external databases or Enterprise Data Warehouses. These connectors allow Hadoop and platforms like CDH to complement existing architecture with seamless data transfer.

Metasploit post exploitation modules logo

This module controls Sonic Pi via its local OSC server. The server runs on 127/0.0/1:4557 and receives OSC messages over UDP. Yes, this is RCE, but it’s local.

12

Overview of Checkmk Plug-Ins

This module gathers system information. Ir collects installed packages, installed services, mount information, user list, user bash history and cron jobs.

Open Terminal for the Mac SSH client

This module dumps SHA-1, LM, NT, and SHA-512 Hashes on OSX. Supports versions 10/3 to 10/14.

13

This module will collect the Messages sqlite3 database files and chat logs from the victim’s machine. There are four actions you may choose: DBFILE, READABLE, LATEST, and ALL. DBFILE and READABLE will retrieve all messages, and LATEST will retrieve the last X number of messages (useful with 2FA).

  • Lumension patch and remediation skype
  • Idm with patch filehippo skype
  • Solaris 10 patch cluster games
  • Solaris 10 patch cluster music
  • Dldi patch lameboy.nds skype
  • Cnc4 offline patch.exe skype
  • Ariza patch s4 i9500 skype
  • Combinatorial geometry patch agarwal skype
  • Solaris 10 patch cluster oracle
14

This module makes it possible to apply the ‘sticky keys’ hack to a session with appropriate rights. The hack provides a means to get a SYSTEM shell using UI-level interaction at an RDP login screen or via a UAC confirmation dialog.

OBDSTAR OdoMaster vs. X300M

Our Unix consultant provide training and support to help IT professionals and customers. Our curriculum provides a unique training value built on exclusive product knowledge, a complete education experience, and flexible options and address common implementation needs and scenarios.

15

Want to see more SSH tips (here)? Do have any fancy SSH tricks you want to share? Do you know of a better SSH client than OpenSSH that is built into Mac OS?

This module powers an HWBridge-connected radio transceiver, effectively transmitting on the frequency set by the FREQ option. NOTE: Users of this module should be aware of their local laws, regulations, and licensing requirements for transmitting on any given radio frequency.

16

Scans between two CAN IDs and writes data at each byte position. It will either write a set byte value (Default 0xFF) or iterate through all possible values of that byte position (takes much longer). Does not check for responses and is basically a simple blind fuzzer.

Do you know of a better SSH client than OpenSSH that is built into Mac OS

This module will be applied on a session connected to a BusyBox shell. It will enumerate host names related to the device executing BusyBox.

17

This will dump local accounts from the SAM Database. If the target host is a Domain Controller, it will dump the Domain Account Database using the proper technique depending on privilege level, OS and role of the host.

How to SSH on Mac

This module will collect Colloquy’s info plist file and chat logs from the victim’s machine. It also allows to search for a specific patterns in the chat logs.

18

Especially Srinivas sir teaching was excellent. He will explain with real time examples.

Solaris 10 recommended patch cluster
1 Dayz beta patch 96751 skype 66%
2 Dayz beta patch 94876 skype 5%
3 Dayz beta patch 94444 skype 42%
4 Spore patch 5 asymmetry skype 99%
5 Solaris patch cluster from oracle 2%
19

Post module for HWBridge RFTranscievers. Brute forces AM OOK or raw binary signals. This is a port of the rfpwnon tool by Corey Harding.

It is important to note that the development of communication solutions using FreeSwitch often requires certain key skills and expertise. Therefore, when considering the service to hire FreeSwitch developers, businesses must choose developers who are highly skillful to deliver customized solutions by utilizing FreeSwitch development.

20

He conducts classes in Oracle Training, Sun Solaris 10 and Veritas Cluster Server

This module examines the sudoers configuration for the session user and lists the commands executable via sudo. It also inspects each command and reports potential avenues for privileged code execution due to poor file system permissions or permitting execution of executables known to be useful for privesc.

Download Full VMware Flash Read Cache Compatibility Guide

Monitor various components of Splunk such as Alerts, Health, Jobs, System messages etc. Also, Checkmk monitors Splunk licenses and its usage.

21

Multi browser post exploitation modules

All plug-ins listed here are actively maintained by the Checkmk team. Further free plug-ins from users, partners or third parties are available at the Checkmk Exchange.

This module will enumerate AD groups on the specified domain which are specifically managed and list of the managers. This can identify privilege escalation opportunities or persistence mechanisms without having domain admin privileges.

22

To specify the default route, you can let the software try to detect one upon reboot, you can specify the IP address of the router, or you can choose None. Choose None if you do not have a router on your subnet.

This module will attempt to change the password of the target account. The typical usage is to change password of a newly created account.

23

This module will create a Golden Kerberos Ticket using the Mimikatz Kiwi Extension. If no options are applied it will attempt to identify the current domain, the domain administrator account, the target domain SID, and retrieve the krbtgt NTLM hash from the database. By default the well-known Administrator’s groups 512, 513, 518, 519, and 520 will be applied to the ticket.

NagiosXI may store credentials of the hosts it monitors. This module extracts these credentials, creating opportunities for lateral movement.

24

This module installs OpenSSH server and client for Windows using PowerShell. SSH on Windows can provide pentesters persistent access to a secure interactive terminal, interactive filesystem access, and port forwarding over SSH.

This module will enumerate user accounts in the default Active Domain (AD) directory which contain ‘pass’ in their description or comment (case-insensitive) by default. In some cases, such users have their passwords specified in these fields.

25

Seesaw is developed in Go language and works well on Ubuntu/Debian distro. It supports anycast, DSR (direct server return) and requires two Seesaw nodes. They can be either physical or virtual.

20140624 skype 4 3 for linux

Maps remote disks and logical volumes to a local Network Block Device server. Allows for forensic tools to be executed on the remote disk directly.

26

Check the status of the Fujitsu SC2 and the status of the Primary BX600 Blade Enclosure and Server. Also monitor your Fujitsu storage systems Eternus DX and DX500/DX80s.

Download Full Systems Compatibility Guide

This module initiates a PPTP connection to a remote machine (VPN server). Once the tunnel is created we can use it to force the victim traffic to go through the server getting a man in the middle attack.

27

This module enumerates the victim machine’s domain controller and connects to it via SMB. It then looks for Group Policy Preference XML files containing local user accounts and passwords (cPassword) and decrypts them using the publicly known AES key.

Android post exploitation modules

NFS version 4 uses a domain name that is automatically derived from the system's naming services. The derived domain name is sufficient for most configurations. In a few cases, mounts that cross domain boundaries might cause files to appear to be owned by "nobody" due to the lack of a common domain name.

28

This module extracts saved Wireless LAN profiles. It will also try to decrypt the network key material. Behavior is slightly different between OS versions.

OBDSTAR ODOMASTER Odometer Correction Tool Full Version Multi-Language 

Well that could be Toronto or Detroit. One of them is not like the other.

29

Know All About FreeSwitch Development that Makes it an Ideal Telephony Solution

If you are like me, chances are that you might be using only a handful of them. Well, hopefully this Metasploit post exploitation reference list will change that from now on!

Solaris 10, Symantec (Veritas Volume Manager 1.x- 6.x

This module can be used to capture keystrokes. It is recommended to run this module as a job, otherwise it will tie up your framework user interface.

30

This module closes the specified session. This can be useful as a finisher for automation tasks.

Skype for Business is complaining about a SSL cert for Skype Web App on one of the three Enterprise Pool front end servers. Because of this IIS won't open port 8061 and the other two servers are complaining they can't talk to the 3rd node on that port. But no ideas as to where to determine why it thinks the cert isn't any good. All three servers are using the same two certs (two internal from our PKI and the External one from Entrust).

31

Radio-frequency devices post exploitation modules

This catalogue lists check plug-ins that are shipped with Checkmk. For an alphabetical list please refer to the List of check plug-ins.

The moment I am asked to work on a network I am not familiar with, I go in with kid gloves and a notepad++ tab open to start documenting. If they can't give me management access, I start looking for console ports on switches and other gear and do whatever I can to document things before I touch/change anything. Label cables, photograph stuff, check ARP tables for IP/MAC association, etc.

32

In Enterprise Edition, added Probe Registration Key authentication while installing Managed server

This module will migrate a meterpreter session based on session privileges. It will do everything it can to migrate, including spawning a new User level process.

Did you know the Mac has a native SSH client built directly into the command line? This ssh client allows for secured connections and remote logins into other machines. Unlike Windows, you won’t need a third party app to utilize SSH for connections into remote computers and devices, because ssh is built directly into Mac OS and Mac OS X – perfect!

33

This module will create an entry on the target by modifying some properties of an existing account. It will change the account attributes by setting a Relative Identifier (RID), which should be owned by one existing account on the destination machine.