Some new, and not so new things to mention.
Firstly, Offensive Security’s Metasploit Unleashed.
The course material, available free of charge here, is finally out. Sometime next month the exam and an additional course video will be made available for a small fee. It must be mentioned that the money raised by this course is donated to the “I Hack for Charity” created by Johnny Long. So by taking the course, you are not only learning to use a valuable penetration and assessment tool, you are giving to a good cause.
A little quickie on how to update Backtrack 4's kernel.
root@bt4# apt-get update
root@bt4# apt-get install -d linux-image
root@bt4# cd /var/cache/apt/archives/
root@bt4# dpkg -i --force-all linux-image-188.8.131.52_184.108.40.206-10.00.Custom_i386.deb
root@bt4# apt-get dist-upgrade
I suggest a reboot here to see if all is good (you should see 2 kernels available at the GRUB screen).
root@bt4# apt-get remove --purge 2.6.29*
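A guard for that last purge step, as an added example that is not part of the original post: it refuses to list anything while the old kernel is still the one running, and otherwise prints only the kernel packages that match the old version. The function name, the sample package names and the 2.6.30.5 version are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# purge_candidates RUNNING OLD_PREFIX
#   RUNNING    - running kernel release, e.g. the output of `uname -r`
#   OLD_PREFIX - version prefix of the kernel to remove, e.g. 2.6.29
# Reads installed package names on stdin, one per line.
# Prints the linux-* packages belonging to the old kernel.
# Returns 1 if the old kernel is still running or nothing matched.
purge_candidates() {
    running="$1"
    old_prefix="$2"

    # Never offer to purge the kernel we are currently booted into.
    case "$running" in
        "$old_prefix"*)
            echo "still running $running: reboot into the new kernel first" >&2
            return 1
            ;;
    esac

    found=1
    while IFS= read -r pkg; do
        case "$pkg" in
            linux-*-"$old_prefix"*)
                printf '%s\n' "$pkg"
                found=0
                ;;
        esac
    done
    return "$found"
}

# Constructed sample input (hypothetical package names, not real BT4 output).
sample_pkgs='linux-image-2.6.29.4
linux-image-2.6.30.5
linux-source-2.6.29.4
hydra'
printf '%s\n' "$sample_pkgs" | purge_candidates 2.6.30.5 2.6.29
```

On a live system the package list would come from `dpkg-query -W -f='${Package}\n'` and the running release from `uname -r`.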
Again with Backtrack 4: If you plan on using Hydra (or XHydra) against SSH, you might be in for a little surprise. The stock version of Hydra distributed on BT4 is not compiled with the necessary SSH libraries. You’ll need to recompile it. I found a nice how-to on the Remote Exploit forum (full thread). It’s the same for Medusa, so that needs to be recompiled as well…
# Download the hydra source, untar it, etc.
# nano Makefile
Edit the following lines to look like this. POSTGRES appears to be screwing stuff up in my case.
XDEFINES= -DLIBOPENSSL -DLIBSSH
XLIBS= -lssl -lssh -lcrypto
If this doesn’t work, do what I did… Download the library and read the error messages. It’s all clearly explained…
A quick note: another Joomla exploit was released not too long ago (no big surprise), but what makes me mention it is the timing. Seeing that I work for an ISP and Web/Application hosting company, being aware of these things can sometimes come in handy.
Two days after this exploit was published, one of our partners asked for a web space set up with Joomla. The boss told me to make it happen. Knowing it was full of vulnerabilities, he says
“…put the latest version please…”.
In response: “Sure, no problem, but just got to tell you that a remote exploit came out on that version 2 days ago”.
It hasn’t been installed.
Sometimes the power of knowledge and a little assurance in one’s speech can go a long way.