Hi guys!

Well, I believe if you are reading this topic you should (at last I hope :) ) know how to use yersinia much better than me.

I was looking at the Yersinia man-page...

Hi KMDave, secure_it and williamc,

Thanks for the answers.

I think I was not much clear, nmap do not recognize it is not a problem, I just commented. I know it's a cisco concentrator vpn at...

Hi!

I'm pen-testing a network which have a vpn from Cisco 3000 series, it's a concentrator where ipsec connections are tunneled over TCP port 10000.

Someone have experience with this?
...

Hello

I do not know but about it. But your client use TKIP over WPA?

I did see there is a flaw in TKIP which allow to decrypt very fast any PSK if it's being used. However I do not know which...

Hello ipndrmath,

Which Linux are you using? What kernel?

Maybe you have the gcc protection or VA protection enable?

Please, execute the following command and paste results here:

cat...

Hi cybrsnpr

Thank you for reply.

I did think in use dsniff package (arpspoof) but I got no sucess. In theory I should only setup a one way arp spoof and disable ip_forward, not?

Like this:

Hi KMDave

How are you?

Sure, I work for a security company and one of my jobs are internal penetration tests, as I already had explained it here in another post I was believing it was clear.
...

Hi

I need to arp poisoning / redirect clients in some how the traffic from the LAN goes to my own machine (not forward to just sniff). Let me explain, I'm inside a network and I want to setup a...

I'm not a exploit specialist and I had not played with stack overflows for a long time, but I believe it's happening because you are returning to the wrong place. I believe you are overwriting your...

Hi guys,

Some time ago (maybe more than 1 year) I remember I seen two nice projects, however (yes, I'm dumb sometimes :) I never had put it into my bookmark.

One of this projects / tools was a...

Hi,

When doing internal penetration tests, one of the most interesting points is look for old OS who doesn't have more patches, like Windows NT 4.0 and Windows 2000.

I in general do it via...

Hi

Thank you all for help, however I was not able to obtain access via the SQL Server, appear that is unfrequently admin log into this server. It's used only as database server.

Only for...

Hi operat0r,

Thank you for reply.

Nice your articles (the link to video using ettercap to replace images is not found - http 404 error code).

As I spoke, I tried to poison the network,...

Hi guys,

Let me resume the history, I'm doing a internal penetration test (yes, this time I can use my laptop :D ).

The network is big and have several classes, I'm in a network class where the...

Hi =Tron=

Thank you, the FastTrack information was the key, for who also want some example:

H T T P://forums.remote-exploit.org/showthread.php?t=15879

It appear to be a nice tool, should be...

Hi,

Today I was reading a presentation from HD More and I seen that since version 3 Metasploit can integrate with nmap, to automate the exploitation process. :)

Someone have used it?

I...

Hi pureh@te,

Lolll! I thinked it was a big news from Defcon... hehe :)

Are this David FPGA hardware really much more faster than nowdays computer with this graphical cards for cracking...

Hi guys,

Thank you for all help.

I was not aware of this "beer can", it is really incrediable! :)

It worked (took some time, but worked). Amazing!

I seen in the same site tricks to open...

Hi,

Not exactly a graphic card, but this year at Defcon a guy (David Hulton) was selling some small FPGA boards, with a good price. In the flyer, it claims to be able to crack password 10 times...

Hi,

Thank you all for replys.



I spoke with the contractors and it's allowed. However I was unable to lockpick the device. It's a secure pad-lock more or less like this (don't know the name...

Hi,

I'm pen-testing a different environment, my pen-test is internal (more like insider).

All I have is a PC from the company (without any tools, only Windows) connected to the local network....

Hummm... it's very interesting. At Defcon Wireless network the same happens, you are unable to see any other laptop. Is it Client Isolation?

I looked at google and couldn't find a way to bypass...

Yo guys,

I have some doubts, can you give some hints? :)

a) I know I can install new packages in BackTrack downloading RPM files and converting to .tgz and than install it. But it's not very...

Hello,

I'm new user, so I'm not able to post in the right section, if moderators could please move it to the right place.

I would like to report that BackTrack 3 is not able to detect and have...