Comments for SkullSecurity

Comment on WebDAV Detection, Vulnerability Checking and Exploitation by micr0

micr0 — Thu, 22 Dec 2011 09:58:07 +0000

thank you man :)

Comment on Remote control manager FAIL by m_101

m_101 — Wed, 21 Dec 2011 14:49:37 +0000

Nice analysis :).

Comment on Remote control manager FAIL by Ron Bowes

Ron Bowes — Wed, 21 Dec 2011 03:21:45 +0000

@blowcheck - Yeah, I didn't even think to mention why I was doing it without a pcap. Thanks for asking!

Comment on Remote control manager FAIL by blowcheck

blowcheck — Tue, 20 Dec 2011 21:36:40 +0000

it was just a personal consideration.., so congratz is still useful, a well done static and dinamic analysis, i love them, thanks i wait the next one.

Comment on Remote control manager FAIL by Ron Bowes

Ron Bowes — Tue, 20 Dec 2011 21:28:31 +0000

@blowcheck - yes, but I couldn't get the server working so I didn't have the ability to packet capture the communication.

@Steve - thank you sir!

Comment on Remote control manager FAIL by blowcheck

blowcheck — Tue, 20 Dec 2011 21:16:01 +0000

Personally the first analysis part:

"""Client connects to server
Client sends server a null-terminated port number
Server connects back to client on that port"""

would be much more easy dumping the communication between client-server.
Do you agree?
blow

Comment on Remote control manager FAIL by Steve

Steve — Tue, 20 Dec 2011 20:34:12 +0000

Awesome analysis. I found this VERY nice blog via reddit.

I like your detailed description i learned a lot from this post ;-).

Comment on Remote control manager FAIL by PoURaN

PoURaN — Mon, 19 Dec 2011 23:14:02 +0000

Hello.. Just read your tweet and I really enjoyed your vuln analysis.. Cool man.. Waiting for more ;)

Comment on Return of the Facebook Snatchers by researcher

researcher — Tue, 29 Nov 2011 21:42:57 +0000

I am trying to see if I can get public users facebook status and all the replies for their status thats been publish. So far I haven't had luck with the facebook api. Do you have any suggestions?

Comment on About me (Ron) by Josh

Josh — Wed, 23 Nov 2011 17:00:45 +0000

Thank you Ron.
I am in my second year of a computer science degree and the assembly tutorial on your wiki is absolutely brilliant - you should stick it in a book and sell it.
If you do release it - even on kindle or free pdf or whatever - let me know :D

Comment on Followup to my Facebook research by Nightingale

Nightingale — Fri, 11 Nov 2011 18:04:54 +0000

Hello Ron

what do yu think today?
Have you change the mind of the
facebook User - to take better
passwords? Is it possible today,
or are the Users more sensible?

Have a nice day!

Comment on Weaponizing dnscat with shellcode and Metasploit by Sean

Sean — Thu, 10 Nov 2011 02:01:15 +0000

Nice work! Though repeatedly querying the same or very similar queries bespeaks a faulty resolver at best. Or perhaps I misunderstand your idea here? I personally prefer the transport to be ICMP echo request/response for various reasons. I recently posted a write up at informati.cc. I'm interested in your comments.

Comment on (Mostly) good password resets by MD5_is_faster

MD5_is_faster — Thu, 03 Nov 2011 16:12:45 +0000

Adding to CrazyD's comment for the SMF estimates, I generally assume that MD5 can be guessed offline, today, at 45 billion guesses/sec*machine, not 5 million, per (http://hashcat.net/oclhashcat-lite/).
This takes your 23 CPU-year estimate down to 23 machine-hours for an exhaustive brute force search.

Comment on Return of the Facebook Snatchers by laughing so hard

laughing so hard — Sun, 30 Oct 2011 01:33:28 +0000

this whole post is so hilarious!

people refuse to understand the importance of making vulnerabilities PUBLIC - an age-old discussion that should have been settled ages ago - as when vulns are public, there's a fire under the proverbial bottom of whoever's responsible (ie. FB) to fix it, and before it's public it's only accessible to the bad-guy. really people: imagine you have two bad-guys sitting in a room. if one of them started to make public his findings, would that be a good thing or a bad thing for the bad guys? OBVIOUSLY, it's a bad thing, as the hole will be patched sooner. any pentester will sabotage his evil twin by making public his findings! (as for making public instead of just telling the company in question in secret - well, i believe experience speaks for itself...ie. they never listen.)

big score for education also! thanks a lot, great read ron & al.
keep up the excellent work!

Comment on Return of the Facebook Snatchers by FacialX

FacialX — Sat, 22 Oct 2011 18:50:21 +0000

YOu people are dreaming You will be identified and tied to your accounts shortly
Thieves, burglars, offenders, scammers will be idententified to the cameras
You post BILLIONS of photos and show your faces everywhere. This is your number. Live RIght for your true colors will be exposed.

Comment on A deeper look at ms11-058 by Anonym

Anonym — Mon, 17 Oct 2011 04:33:52 +0000

Very good work man! You saved me

Comment on ms08-068 -- Preventing SMBRelay Attacks by Ron Bowes

Ron Bowes — Mon, 17 Oct 2011 03:18:23 +0000

No, it was fixed in ms08-068 and any operating system that's come out since.

Comment on How Pwdump6 works, and how Nmap can do it by Mile

Mile — Sun, 16 Oct 2011 23:07:36 +0000

same here ....

svn: File not found: revision 21298, path ‘/nmap-exp/ron/nmap-smb’

Comment on ms08-068 -- Preventing SMBRelay Attacks by Tom

Tom — Sat, 15 Oct 2011 18:14:26 +0000

Hi Ron,
Just asking, Is SMB Relay/Reply attack still relevant in this Win7SP1/Win2008R2 era?

Thanks,

Comment on Locks that can re-key themselves? by Jonwally

Jonwally — Fri, 14 Oct 2011 05:50:14 +0000

I have been wondering how those locks worked; great in the simplicity.