2014
09.10

Battle For The Net

If you woke up tomorrow, and your internet looked like this, what would you do? Imagine all your favorite websites taking forever to load, while you get annoying notifications from your ISP suggesting you switch to one of their approved “Fast Lane” sites.Think about what we would lose: all the weird, alternative, interesting, and enlightening stuff that makes the Internet so much cooler than mainstream Cable TV. What if the only news sites you could reliably connect to were the ones that had deals with companies like Comcast and Verizon?On September 10th, just a few days before the FCC’s comment deadline, public interest organizations are issuing an open, international call for websites and internet users to unite for an “Internet Slowdown” to show the world what the web would be like if Team Cable gets their way and trashes net neutrality. Net neutrality is hard to explain, so our hope is that this action will help SHOW the world what’s really at stake if we lose the open Internet.If you’ve got a website, blog or tumblr, get the code to join the #InternetSlowdown here: https://battleforthenet.com/sept10thEveryone else, here’s a quick list of things you can do to help spread the word about the slowdown: http://tumblr.fightforthefuture.org/post/96020972118/be-a-part-of-the-great-internet-slowdown Get creative! Don’t let us tell you what to do. See you on the net September 10th!

via Battle For The Net.

2014
04.06

A new VM… After almost 2 years.

Saying it’s been awhile is an understatement. Almost 2 years without a new vulnerable VM and over 2 years without a blog post. I only have myself to blame, but work and family life takes up most of my waking hours. This is a hobby and hobbies come last.

I must start by saying how shocked I am with the reception my VMs have received since their inception. Over the past 24+ months, I’ve gotten so many nice messages and e-mails from people saying they enjoyed them. A few of my VMs have actually been mentioned in books, which was a pleasant surprise… So to all that have enjoyed them, and used them as reference material (or what have you) a big thank you from the bottom of my heart.

I never expected this little project would turn out the way it did. This just proves, if you put a bit of effort and time, anything can happen.

Why the new VM

Kioptrix VM 2014

The original idea behind my VMs has always been about learning, not only for the people downloading them but for me as well. With each new VM, I always try to do something “different”, something to take me out of my comfort zone… just a bit, just enough so I can learn something new and hopefully remember it. Installing old unsupported software from source on a newer OS or just using a flavour (or flavor) of Linux I’ve never tried before. It doesn’t have to be something huge, just something I don’t know or not too comfortable with. For me, trying and reading is one of the ways I learn.

This new machine is no different. I had an idea in my head, wanted to know a bit more about it and saw an opportunity to apply it in a VM (however g0tm1lk g0tmi1k kind of pushed me a bit to release a new one). I didn’t spend 2 years building this thing, but in the short amount of time it took me to build it (2 weeks… 3?) I got very familiar with what’s in there.

Why build these things…

Which brings me to another point I wish to blabber about, why build these things. As mentioned above, it’s primarily to learn. To experiment and discover different operating systems and software. Get more acquainted with compiling, installing and uninstalling (just to name a few). The great thing about this is, you’ll ask yourself questions and if you’re lucky bugs to look up and fix. At the end of the day, that’s the point really… to figure things out on your own.

If you’re building a VM to submit to vulnhub.com (as an example), then you need to pay attention to how your machine reacts to scans and attacks. You need to figure out what works and what doesn’t.
Why does attack “A” work but not “B”?
What if…
Why this…
Why that… You can learn lots if you take the time to ask yourself questions.

So I’ve come to the part where I’m babbling and writing for the sake of writing which is my queue to stop. Hope you enjoy the new VM.

-loneferret

About the VM

As usual, this vulnerable machine is targeted at the beginner. It’s not meant for the seasoned pentester or security geek that’s been at this sort of stuff for 10 years. Everyone needs a place to start and all I want to do is help in that regard.

Also, before powering on the VM I suggest you remove the network card and re-add it. For some oddball reason it doesn’t get its IP (well I do kinda know why but don’t want to give any details away). So just add the VM to your virtualization software, remove and then add a network card. Set it to bridge mode and you should be good to go.

This was created using ESX 5.0 and tested on Fusion, but shouldn’t be much of a problem on other platforms.
–Update 07-04-2014: Virtual Box users may encounter issues.. sorry

Kioptrix VM 2014 download 825Megs
MD5 (kiop2014.tar.bz2) = 1f802308f7f9f52a7a0d973fbda22c0a
SHA1 (kiop2014.tar.bz2) = 116eb311b91b28731855575a9157043666230432
Waist line 32″
p.s.: Don’t forget to read my disclaimer…

2013
12.13

iOS 7 jailbreak

Hi everyone :)

It’s been a long while since my last post I know :). Here’s an interesting article I found about a jailbreak for iOS 7. Not sure if I’m gonna try it … humm … probably yes :P.

http://www.itworld.com/answers/topic/mobile-wireless/question/ios-7-jailbreak-confirmed-iphone-5s5c4s-safe3rd-team?utm_medium=referral&utm_source=t.co

Comments ?

RDinelle

2013
04.06

I broke on through to the other side … of the blog

Hi everyone,

I know you’re normally used to see @loneferret publish on this side of the website but I thought I could add a post or two once in a while and hopefully translate each french one I do too.

So here’s my first entry :)

RDinelle

2012
08.14

Win Free Copies of new book on Advanced Penetration Testing:

Readers would be pleased to know that I have teamed up with Packt Publishing to organize a Giveaway of the Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide book.

And three lucky winners stand a chance to win copies of their new book. Keep reading to find out how you can be one of the Lucky Winners.

Read More >>