So on a test I wanted to test the possibility of performing a DoS against an IP based network camera to see of the possibility of disrupting it’s video stream. Well the idea was to hammer the device with UDP packets.
A quick look around and I found this code here. I decided to take a copy of the code as the base for a quick perl script.
A quick… Continue reading
So on a recent test I found a few devices, one was a Qunatum Scalar i500 and the other was an IBM TS3310, both are tape libraries.
CVE-2012-1844 states the following: The Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100) and the IBM TS3310 tape library with firmware before R6C (606G.GS001), uses default passwords for… Continue reading
Credit for most of the below comes from Mubix who has created a few documents (on google docs) that lists what to actually do once shell access has been gained. You can read more about it here and find the links to the docs, I’m simply blogging about it to make a summary of this for myself.
Meterpreter Post Auth
Information Gathering
12345678910getuid getpid getsprivs sysinfo screenshot run winenum.rb run… Continue readingThere are many pages on the web documenting quick reverse shell one liners. Pentestmonkey and Bernardo Damele have both created a good few posts between them but I wanted to recapture what they’ve got for my notes purposes. (It’s easier for me to find stuff if it’s in one place). All credit goes to both of those guys where I got all this info from.
Step one – Set up… Continue reading