iOS 7 jailbreak

Hi everyone 🙂

It’s been a long while since my last post I know :). Here’s an interesting article I found about a jailbreak for iOS 7. Not sure if I’m gonna try it … humm … probably yes :P.


Comments ?



I broke on through to the other side … of the blog

Hi everyone,

I know you’re normally used to see @loneferret publish on this side of the website but I thought I could add a post or two once in a while and hopefully translate each french one I do too.

So here’s my first entry 🙂



Win Free Copies of new book on Advanced Penetration Testing:

Readers would be pleased to know that I have teamed up with Packt Publishing to organize a Giveaway of the Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide book.

And three lucky winners stand a chance to win copies of their new book. Keep reading to find out how you can be one of the Lucky Winners.



SSL & stunnel

When connecting to port 995 (e-mail SSL accepted server) using a raw TCP connection, nothing will happen since it’s expecting SSL “commands”. So we could type anything we want after the connection is made, and nothing will happen. What we need to do is, encapsulate our “traffic” in SSL. This can be done using stunnel. Visit the author’s site, and have a look around.
If it’s not installed on your Linux distribution then I recommend doing so. There’s also a Windows version as well which I also suggest getting if you want to test out creating a netcat session between 2 machines using an stunnel.

Let’s see how we can go about creating a simple chat session between 2 machines with netcat and stunnel. First let’s setup our listening machine to accept SSL connections on a specified port. Lets start by configuring our client machine to accept traffic on a given port, take that traffic and encapsulate it SSL and sent to socket accepting SSL connections.
First open up stunnel’s config file (I’m my Linux machine as client) and add/modify the following:

client = yes

[netcat client]
accept = 5555
connect = -Listening IP-:4444

Any traffic entering port 5555 will be encapsulated and sent to port 4444 on the target IP as SSL traffic.
Now let’s setup the stunnel service on our listening machine, in this case the Windows system.

client = no
[netcat server]
accept = 4444
connect = 7777


So now that we have stunnel setup on both machines, let’s start the connection using netcat.
From our listening system, or serve:

C:\>nc -vlp 7777

And now, let’s connect from our Linux system:

Linux~# nc -nv 5555

If everything went according to plan, the Linux box connects to local port 5555 which is then encapsulated and sent to the listening’s IP address which is expecting an SSL conneciton. One should be able now to “chat” between the two systems. One can also receive a reverse-shell this way, or connect to a pop3 mail server which only accepts SSL connections on the default port 995.


Update 16-12-2011:
This was written some time ago, and things may have changed. Although everything is still relevant you may need to change or adjust your sTunnel settings on you Linux and Windows machine.

Update 16-07-2012:
Due to a change in ownership, the new hosting company uses content filtering for “security reasons”. This means many of my previous posts can no longer be displayed. So I’m re-posting them avoiding the “bad” words..


Again a long delay between VMs, but that cannot be helped. Work, family must come first. Blogs and hobbies are pushed down the list. These things aren’t as easy to make as one may think. Time and some planning must be put into these challenges, to make sure that:
1) It’s possible to get root remotely [ Edit: sorry not what I meant ]
1a) It’s possible to remotely compromise the machine
2) Stays within the target audience of this site
3) Must be “realistic” (well kinda…)
4) Should serve as a refresher for me. Be it PHP or MySQL usage etc. Stuff I haven’t done in a while.
I also had lots of troubles exporting this one. So please take the time to read my comments at the end of this post.