Archive for June, 2008

Grabbing LM challenges with an ettercap filter

Tuesday, June 24th, 2008

hack-fu by: bob So… this is an amalgamtion of several ideas and bits of work I’ve found floating around that I put together. The result is a handy pentesting/pwnage technique. The following blog that kicked this idea off discusses a modified Metasploit exploit module called smb_server.pm by Kurt Grutzmacher: NTLMv1, Metasploit and You. Around the same time I’d been playing with some ettercap filters, based on the below work at Irongeek: Fun with Ettercap Filters. These two sparked something and gave me a use of those huge LMHALFCHALLENGE rainbow tables I’d downloaded. (more…)

Posted in Networking, Windows, hack-fu | No Comments »

dradis v1.2 - now with one-click installer

Friday, June 13th, 2008

dradis Windows one-click installer icon
In adition to the changes released on the 4th of April, yesterday we released a Windows one-click installer for dradis.

The summary of the features of the v1.2 release:

  • in the client:
    • export to XML module is now part of the standard module set.
    • a new implementation of the command line parser: now it is possible to use single and double quotes to pass multi-word arguments to the different commands.
    • fixed the window.rb:159 bug.
  • in the server:
    • a slightly less annoying implementation of the web interface auto refresh functionality.
    • the services added through the web interface can have a name now :)
    • simple prevention against embedded XSS.

You can also download the platform-independent ruby source in the download section of the site.

dradis banner. click to go to dradis home

Posted in Tools | No Comments »