We are about 20 hours into our fundraiser for Child's Play Charity; we will be playing the whole Nintendo Mario Brothers series from start to finish. We are just under $1000 donated of our $3000 goal. If you have a dollar or two to spare, please help out. It’s for a really great cause. … Read More “Mario Marathon” »
The illmob krew is heading out to Vegas for Defcon. See ya there!!!
Just finished my 2nd module for Metasploit in time to go to Defcon. This one will search the Documents directory for all *.rdp files and output the host, user, and password to your Meterpreter session. Check it out ::HERE::
Nick Harbour wrote on his blog about new spyware using fxsst.dll, which is present on the system when the system is running as a fax server. Seems explorer.exe automatically loads the DLL when logging on. Mubix decided to test this out with a .dll generated in Metasploit and it worked every time on his … Read More “New Startup Method?” »
Just submitted my first attempt to write something for Metasploit @ dev.metasploit.com. It jacks victims’ Bitcoin wallets on Windows boxes and sends them back to the attacker on Meterpreter. It saves the wallet in your loot folder: on Windows it would be %userprofile%\.msf3\loot, on nix it would be /root/.msf3/loot
RobinHood is a simple program in assembler that steals the victim’s Bitcoin wallet.dat and uploads it to an FTP server. You need to assemble the source yourself; get it ::HERE::
Tickets are on sale now for eXcon and BSidesCT in Meriden, CT, June 11th: http://exconference.com. If you want to attend or speak at the conference, hit their email up on the site!!!
Programmable embedded devices have the capability of being detected as a HID device, just like a keyboard or mouse. So if you have physical access and a minute alone, you can basically own a system with something the size of your thumb. The possibilities are endless, HTTP/FTP download, injecting binaries into debug or PowerShell … Read More “The new threat” »
Seems Comcast has a hidden admin user account on their business class modems other than the usual user:cusadmin-pw:highspeed. You can log in locally using the username mso and password D0nt4g3tme. Furthermore, you can also use Cross-Site Request Forgery in iframes to set the modem to open up its remote admin ports to all … Read More “Hidden Comcast Modem User” »
Used by Stuxnet to escalate privs in Win2k and XP. Explanation of the code ::here:: and source code ::here::