'session'에 해당되는 글 6건

  1. 2012.04.24 Exploit Pack - Web Security Edition [New tool]
  2. 2011.11.04 Run POST Modules On All Sessions (1)
  3. 2011.03.23 SecureCRT Session 유지 설정
2012.04.24 18:44

Exploit Pack - Web Security Edition [New tool]

This tool allows you to take control of remote browsers, steal social network credentials, obtain persistence on it, DDoS and more. Demo: Main features: - Hacking of Gmail, Yahoo, Facebook, Live, Linkedin - Session persistence - 0day exploits included - Remote browser control - DDoS by creating botnets - Launch remote exploits - Steal credentials Questions? support () exploitpack com Official site: http://exploitpack.com ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------


출처 : http://seclists.org/


Trackback 0 Comment 0
2011.11.04 20:48

Run POST Modules On All Sessions

Jcran recently blogged about an easy way to run a post module on all sessions:

http://blog.pentestify.com/simple-framework-domain-token-scanner

msf> use post/windows/gather/enum_domain_tokens
msf enum_domain_tokens> irb
framework.sessions.count.each do |session|
  run_single("set SESSION #{session.first}")
  run_single("run")
  sleep 1
end


 
You use the POST module, drop to IRB and run those 4 lines, and bam, you win. With resource files we can automate this a bit more and have it so that we do this effortlessly with any post module.

Thinking back to http://blog.metasploit.com/2010/03/automating-metasploit-console.html and my rapid file PSEXEC resource file, we know we can run ruby inside of resource files with the <ruby> tag.

Save the following as runall.rc somewhere where you'll remember:

framework.sessions.count.each do |session|
  run_single("set SESSION #{session.first}")
  print_status("Running #{active_module.fullname} against session #{session.first}")
  run_single("run")
  sleep 1
end


 
Then when you want to run a POST module against every session you have you simply do:

msf> use post/windows/gather/enum_domain_tokens
msf enum_domain_tokens> resource runall.rc
[*] Running post/windows/gather/enum_domain_tokens on session 1



출처 : Room362.com

Trackback 0 Comment 1
  1. Favicon of http://emailmarketingblasts.net/business-info/money-mutual-cash-advance-the-be.. cash advance money 2011.11.05 05:06 address edit & del reply

    You use the POST module, drop to IRB and run those 4 lines, and bam, you win. With resource files we can automate this a bit more and have it so that we do this effortlessly with any post module.

2011.03.23 09:27

SecureCRT Session 유지 설정


메뉴에서 Options - Session Options - 카테고리로 이동,

Terminal 항목에 Anti-idle 이라는 항목에서 설정.

Send protocol NO-OP 를 선택하고 every 60 seconds 로 설정해 주면
지속적으로 빈문자열을 보내 접속된 세션이 TIMEOUT 으로 자동으로 끊어지지 않고 유지가 됩니다.

보다 자세한 내용은 첨부파일 참고.

 

* 또다른 방법은 ssh 설정 변경
 /etc/ssh/sshd_config 설정파일 
ClientAliveInterval 300 (기본값 0)
5분마다 서버는 연결을 유지하기 위해 클라이언트에 메세지를 보내게 됩니다.

Trackback 0 Comment 0