Quick howto on changing apt/apt-get's User-Agent string.
Review of SANS Webcast – Gearing up for 2019 – Best Practices to Consider
My review of the SANS webcast Gearing up for 2019 - Best Practices to Consider
Keeping Nmap Scan History
Logging nmap scans using bash/zsh functions.
packet_write_wait: Connection to X.X.X.X port 22: Broken pipe
I was trying to SSH into a machine from my Kali Linux VM shortly after updating packages and encountered this error immediately after authenticating: packet_write_wait: Connection to X.X.X.X port 22: Broken pipe I was using VMWare Workstation. SSH on my host was working as expected. Another VM in VirtualBox was working just fine, too. Another …
Continue reading packet_write_wait: Connection to X.X.X.X port 22: Broken pipe
Job Interview Blunders
I have had the honor and pleasure of interviewing for some genuinely great security teams. Unfortunately, I am not good at the interview process. This has cost me several opportunities that I feel that I would have enjoyed. I assume other people have had these same problems. This blog post will outline the areas in …
Bypassing IPv4 Security Measures Using IPv6
Introduction It is July 1st, 2018. Many systems and network administrators have a solid understanding of IPv4 networking and its underlying protocols, but little or no experience using IPv6. This is crazy to me, but we live in interesting times. IPv6 has been around for quite some time, but it still hasn’t been fully adopted. …
Continue reading Bypassing IPv4 Security Measures Using IPv6
SLAE #7: Shellcode Crypter for Linux/x86
Introduction This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 To get the code provided in this exercise: % git clone https://github.com/droberson/SLAE.git The code will be within the Assignment-7 directory. RC4 I decided to use the RC4 algorithm due to the fact that …
SLAE #6: Polymorphic Shellcode for Linux/x86
Introduction This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 To get the code provided in this exercise: % git clone https://github.com/droberson/SLAE.git The code will be within the Assignment-6 directory. What is Polymorphic Shellcode? Quoting the Wikipedia article about Polymorphic Code directly: In …
Continue reading SLAE #6: Polymorphic Shellcode for Linux/x86
SLAE #5: Reverse Engineering Shellcode for Linux/x86
Introduction This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 To get the code provided in this exercise: % git clone https://github.com/droberson/SLAE.git The code will be within the Assignment-5 directory. Assignment Outline This particular assignment is to dissect three shellcodes from msfpayload using …
Continue reading SLAE #5: Reverse Engineering Shellcode for Linux/x86
SLAE #4: Encoding Shellcode for Linux/x86
Introduction This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 To get the code provided in this exercise: % git clone https://github.com/droberson/SLAE.git The code will be within the Assignment-4 directory. What is an Encoder? An encoder takes a set of data and transforms …
SLAE #3: Egg Hunters for Linux/x86
Introduction This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 To get the code provided in this exercise: % git clone https://github.com/droberson/SLAE.git The code will be within the Assignment-3 directory. What is an Egg Hunter? Egg hunter shellcodes are one example of a …
SLAE #2: Reverse Shell For Linux/x86
Introduction This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 To get the code provided in this exercise: % git clone https://github.com/droberson/SLAE.git The code will be within the Assignment-2 directory. The previous post outlined how the basics of writing shellcode and the prerequisite …
