evilDEB.sh (v0.1)

This video demonstrates how easy and dangerous it is to inject a backdoor (a metasploit payload) into a .deb file (Debian software package).

Metasploitable - DistCC

This video demonstrates an attack on the DistCC service on the metasploitable hackable box.

"Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image. A number of vulnerable packages are included, including an install of tomcat 5.5 (with weak credentials), distcc, tikiwiki, twiki, and an older mysql." - blog.metasploit.com

"distcc is a program to distribute builds of C, C , Objective C or Objective C code across several machines on a network. distcc should always generate the same results as a local build, is simple to install and use, and is usually much faster than a local compile"- distcc.samba.org

Metasploitable - TikiWiki

This video demonstrates an attack on the TikiWiki service on the metasploitable hackable box.

"Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image. A number of vulnerable packages are included, including an install of tomcat 5.5 (with weak credentials), distcc, tikiwiki, twiki, and an older mysql." - blog.metasploit.com

Metasploitable - Tomcat

This video demonstrates an attack on the Tomcat service on the metasploitable hackable box.

"Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image. A number of vulnerable packages are included, including an install of tomcat 5.5 (with weak credentials), distcc, tikiwiki, twiki, and an older mysql." - blog.metasploit.com

"Apache Tomcat is an open source software implementation of the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed under the Java Community Process." - tomcat.apache.org

Metasploitable - MySQL

This video demonstrates an attack on the MySQL database service on the metasploitable hackable box.

"Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image. A number of vulnerable packages are included, including an install of tomcat 5.5 (with weak credentials), distcc, tikiwiki, twiki, and an older mysql." - blog.metasploit.com

Metasploitable - PostgreSQL

This video demonstrates an attack on the PostgreSQL database service on the metasploitable hackable box.

"Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image. A number of vulnerable packages are included, including an install of tomcat 5.5 (with weak credentials), distcc, tikiwiki, twiki, and an older mysql." - blog.metasploit.com

dictionaries[v0.1].py

A python script to help mange dictionaries/word-lists

  1. Remove dups - Scans each file, and simply removes any duplicate words.
  2. Remove dups Sorts 0-Z - Scans each file, removes any duplicate words, and sorts the result alphabetically with any numbers at the top.
  3. Remove dups Higher the dups, higher the list - Scans each file, removes any duplicate words, and sorts the list by placing words which are duplicated more at the top of the list.
  4. Remove dups Higher the dups, higher the list sorts the rest 0-Z - Scans each file, removes any duplicate words, and sorts the list by placing words which are duplicated more at the top of the list then sort the rest alphabetically with any numbers at the top.
  5. Merge - Doesn't remove anything, just simply combines files together.

Once complete, a new file is created called "output.txt" with the new dictionary.

fakeAP_pwn.[v0.2.5].sh

An update to the script, fakeAP_pwn. This is a bash script to automate creating a 'Fake Access Point' and 'pwn' whoever connects to it! The FakeAP is transparent (allowing the target to afterwards surf the inter-webs once they have been exploited!), and the payload is either SBD (Secure BackDoor - similar to netcat!) or VNC (remote desktop).