Password Generator – L337’r

Password Generation Tool

For most organisations one of the most prevalent security concerns remains users' selection of secure passwords. Even when restricted through a reasonable password policy, users seem to continue to select passwords with some relevance to the geography of the area, the name of the business or popular sporting/hobbyist interests specific to the…

iOS App Testing – Part 1

The first in a series of iOS app testing blogs, this blog will focus on some of the more simplistic iOS app vulnerabilities and how to exploit them. I won’t be wasting time talking/walking through the methods exactly and explaining all syntax used etc. This first blog is just to show how easy it can be…

Smart LSA Secrets Module

I decided to take two modules and crash them together to add some automation to some tasks that I seem to pick up often. I took the LSA Secrets module and the Domain Group Enum module and combined them into one module. I then added some additional comparison functions to inform me if any…

SNMP Process Sniper – Kill Windows Processes With SNMP Write Access

On a recent test I came across SNMP write access on a Windows box and really wanted to use it to lower the security posture of the server; however, at the time the only attacks that I could come up with were Denial of Service (change IP, name etc) or pointless PoCs (writing a contact…

McAfee ePO Static Encryption Key

I came across a McAfee ePO server not long ago and found during an on-host review that it stores the SQL database connection details and encrypted password in a file within the ePO directory, “/conf/orion/db.properties”. The password is encrypted with a statically known key that is used on all ePO deployments of a similar version.

The good news is there is already a Metasploit module created, in which someone has kindly gone to the effort of extracting the encryption key.