SANS Penetration Testing

SANS 2015 Shmoo Challenge Winners and Official Answer

by Jeff McJunkin

Greetings! Those of you who attended ShmooCon this year may have noticed a challenge from SANS included in your Shmoo bags. If you didn't attend and you want to walk through the challenge yourself for some fun, I'd recommend you look at the challenge description and avoid reading the official write-up at the end of this post until you've looked at the challenge itself.

We're always excited to see the new ways our participants will solve our challenges, and the Shmoo crowd certainly didn't disappoint! We had lots of great entries which were a pleasure to read through.

As written in the original description, the first ten participants who solved the challenge will receive a free SANS NetWars t-shirt. If you see your name below, you will also have an email sent to orchestrate the details of getting your prize to you.

Accordingly, here are those ten winners!

1. Annah

...

Post Exploitation Redux Webcast Slides

Last Thursday, John Strand and I delivered a new webcast on post exploitation, covering all kinds of tips and tricks. I focussed on some of the cool stuff you can do with the Windows netsh command, including setting up port pivots, sniffing, and gaining remote access to a target's network configuration. John Strand discussed a new tool his team released that provides a command and control channel via Gmail. We covered a lot of fun and useful material.

The slides are available here.

And, if you'd like to hear the webcast itself, you can do so

...

Custom Payloads in Metasploit

[Editor's Note: Mark Baggett shares some useful insights into delivering custom payloads using Metasploit, with a little Python magic to boot! --Ed.]

By Mark Baggett

You launch your Metasploit exploit. It looks like it is working but no session is created. What happened? Your exploit just got popped by antivirus software. Such a bummer. Antivirus software is a hurdle that you have to overcome as a penetration tester, modeling the techniques of the real-world bad guys. The best way to avoid antivirus software is to stop using a payload that someone else created. Time and time again, penetration testers find they have a basic need to use custom payloads.

Create your own custom payload, and then you won't have to worry about an AV signature catching your payload and eating it! It is easy and it gives you the flexibility to go after any target. There are lots of tools and articles for helping you do so, including the

...

EXTRA EXTRA! The New SANS Pen Test Poster

Extra! Extra! Read all about it! This week, many of you will be receiving our brand-spankin' new SANS Pen Test Poster in the mail. Please be on the lookout, because it's got some really cool stuff on attack surfaces, tools, and techniques. It's included in the mailing with the SANS Security West brochure.

The poster is chock full of some really nifty pen test advice from some of the best pen testers I know, including:

Tim Medin
Seth Misenar
Larry Pesce
Justin Searle
Steve Sims
John Strand
Josh Wright

The poster includes several sections. On one side, we've got a description of the SANS

...

2014 SANS Holiday Hack Winners and Official Answers

[Editor's Note: Every year for eleven seasons now, SANS creates a Holiday Hack challenge for you to build your skills with real-world infosec tools and techniques, all the while having some good holiday-inspired fun, for everyone to participate in, no charge at all. If you haven't checked out our most recent SANS Holiday Hack Challenge, you should definitely read through it. This year's challenge was written by Ed Skoudis and Josh Wright, with support from Tom Hessman and the vocal stylings of James Lyne. We'll keep the challenge itself, the target servers, and the file system image available for as long as possible, so you can continue to work through it, either on your own, or referencing the official answers cited below. Have fun!!! Following immediately below is our official announcement of winners and answers. --Ed.]

Lynn Cratchit emerged from the rather toasty

...