Wednesday, December 26, 2012

Default Oracle Usernames and Passwords

http://www.orafaq.com/wiki/List_of_default_database_users

Metasploit keyscan_start Considerations

*sigh*

Here is a lesson that I learned the hard way. When you use keyscan_start and keyscan_dump, all those keystrokes are stored in RAM  on the target machine- NOT on the hard drive. I suspected as much, and upon further reading its confirmed here:
http://www.offensive-security.com/metasploit-unleashed/Keylogging

Normally this would be awesome for forensic reasons, but god damnit, if the person restarts the machine i lost everything. I'm going to start working on a keylogger that continuously sends keystrokes over the wire, just like the javascript keylogger currently does.

I find it incredibly dumb that the only way to retrieve those keystrokes is to manually run keyscan_dump when you feel like investigating the contents. That's not very modular, nor is it easy to build upon. This is me just being a little baby, but seriously, if we're going to make something lets make it awesome...

Thursday, December 20, 2012

NT_STATUS Codes

Lots of times when i'm on a pentest the status messages i get from trying to auth to an smb server with certain creds are the same. But sometimes i lolwtf? at them. Thats where this handy little page comes in....handy

http://www.stbsuite.com/support/virtual-training-center/nt-status-errors