Linux Exploit Suggester

Background Many moons ago I stumbled across a broken script on an incident response job.  The Hackers uploaded numerous exploits and scripts in an attempt to compromise a Linux RedHat server.  Among these files was a broken script (that did not work) that would suggest possible exploits given the release version ‘uname -r’ of the Linux Operating System. This gave me an idea; create my own that actually works…. As…

HOWTO: Metasploit Java Applet Attack

Using a recent Java exploit released by Nathan Keltner of The Metasploit Project, Pentura Labs are going to demonstrate how to inject a Meterpreter payload into a browser session via a Java applet. To get this attack working. you’ll need to get your victim to click the attackers URL via whichever method you choose (email, verbal, linked from a website etc.). Once the applet has been executed, your payload is…