By Mark Baggett
Hello Security Pros!
Many of you have noticed that SANS has included a challenge in this year's brochure for the Orlando conference. We had 79 people submit correct answers to the puzzle. From those names, we chose one name as the grand prize winner and that grand prize winner will receive four months of NetWars Continuous!
Without further ado, here are the results...
The winner of the challenge is...Paolo Balzarini. Congratulations Paolo! And congratulations to all who were able to come up with the answers as well as a big thank you to everyone who participated.
Solution write up:
The puzzle is solved in three parts. There are many ways you could solve different portions of ...
by Jeff McJunkin
Greetings! Those of you who attended ShmooCon this year may have noticed a challenge from SANS included in your Shmoo bags. If you didn't attend and you want to walk through the challenge yourself for some fun, I'd recommend you look at the challenge description and avoid reading the official write-up at the end of this post until you've looked at the challenge itself.
We're always excited to see the new ways our participants will solve our challenges, and the Shmoo crowd certainly didn't disappoint! We had lots of great entries which were a pleasure to read through.
As written in the original description, the first ten participants who solved the challenge will receive a free SANS NetWars t-shirt. If you see your name below, you will also have an email sent to orchestrate the details of getting your prize to you.
Accordingly, here are those ten winners!
Last Thursday, John Strand and I delivered a new webcast on post exploitation, covering all kinds of tips and tricks. I focussed on some of the cool stuff you can do with the Windows netsh command, including setting up port pivots, sniffing, and gaining remote access to a target's network configuration. John Strand discussed a new tool his team released that provides a command and control channel via gmail. We covered a lot of fun and useful material.
The slides are available here.
And, if you'd like to hear the webcast itself, you can do so
[Editor's Note: Mark Baggett shares some useful insights into delivering custom payloads using Metasploit, with a little Python magic to boot! --Ed.]
By Mark Baggett
You launch your Metasploit exploit. It looks like it is working but no session is created. What happened? Your exploit just got popped by antivirus software. Such a bummer. Antivirus software is a hurdle that you have to overcome as a penetration tester, modeling the techniques of the real-world bad guys. The best way to avoid antivirus software is to stop using a payload that someone else created. Time and time again, penetration testers find they have a basic need to use custom payloads.
Createyour own custom payload, and then you won't have to worry about an AV signature catching your payload and eating it! It is easy and it gives you the flexibility to go after any target. There are lots of tools and articles for helping you doing so, including the
Extra! Extra! Read all about it! This week, many of you will be receiving our brand-spankin' new SANS Pen Test Poster in the mail. Please be on the lookout, because it's got some really cool stuff on attack surfaces, tools, and techniques. It's included in the mailing with the SANS Security West brochure.
The poster is chock full of some really nifty pen test advice from some of the best pen testers I know, including:
The poster includes several sections. On one side, we've got a description of the SANS