Automatic Routing Through New Subnets

Among the coolest features in Metasploit is the ability to tunnel through a Meterpreter session to the network on the other side. The route command in msfconsole sets this up but requires a bit of experience to get right. . . .

Exploiting the Samba Symlink Traversal

Last night a video uploaded to YouTube demonstrated a logic flaw in the Samba CIFS service. It was soon followed by a mailing list post. This bug allows any user with write access to a file share to create a symbolic link to the root filesystem, which allows access to any file on the system with the current user’s privileges. . . .

Postgres Fingerprinting

Many database servers provide version number, platform, and other salient details to just about anyone who asks, which makes fingerprinting these applications very easy. However, Postgres is a little bit shy about revealing such personal information about itself. The best way to determine the version of the Postgres database is to log in and execute a “select version()” query, but what if you don’t have the credentials? . . .