0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Meterpreter Session Not Starting
By:
January 1, 2016

Hallo , first , my English is very slow ..... I am working with the book from Georgia Weidman, "Penetration Testing: A Hands-on Introduction to Hacking". On page 182 "Exploiting WebDAV Default Credentials". My host : Kali Linux My guest : Windows XP 64 bit with Service Pack 2 , install an VMware in another computer . Build my Payload ...

Metasploit Pro Certified Specialist
By:
January 1, 2016

Has anyone tried this certification? https://www.rapid7.com/services/training-certification/certification/metasploit-pro-certified-specialist-exam/ Trying to find out how questions are on this exam. I email rapid 7 but they weren't very helpful. They sent me a link to there help pag which provides no information. I just took this course and exam. What questions do you have?

Metasploit (Post/Payload/Exploit/Auxiliary)
By:
January 1, 2016

Hello guys, Ive started learning metasploit a few days ago,Its really a great framework! What I didn't completely understand is the exact difference between a POST,PAYLOAD,EXPLOIT and AUXILIARY and in which specific cases we use the above mentioned. Thankyou-in-advance. ls

Metasploit LHOST With Dynamic IP Address
By:
January 1, 2016

My ISP provides me with a dynamic IP address. So the LHOST option for meterpreter will be meaningless since my IP changes every time I reboot my router. From what I have been able to gather is: 1. Use no-ip\[dot\]com to set up a DNS server that links back to me 2. Use /reveres\tcp\dns and set it to my domain ...

Metasploit Cheat Sheet
By:
January 1, 2016

Thanks to the Null-Byte user OccupyTheWeb( AKA : OTW ) here is an ultimate cheat sheet on Metasploit's Meterpreter in Kali Linux ( or any other Pentesting OS ). At its most basic use, meterpreter is a Linux terminal on the victim's computer. As such, many of our basic Linux commands can be used on the meterpreter even if it's ...

Metasploit And CVE
By:
January 1, 2016

how do you do to exploit the CVE-2017-3167 with msf , because i can't find it in the database exploit of msf , can you help me ? According to the CVE database there is no module within Metasploit related to 2017-3167. You would need to design your own exploit for it at this time. Feel free to write your own and ...

Make Your Own Ransomware
By:
January 1, 2016

Hi guys, I recently wrote an article for my blog about a new service that lets you create your own ransomware. Due to Cybrary policies, this article was rejected from Cybrary OP3N, but I still think it would be interesting to some people, so I will write about it here. A new type of ransomware is being freely distributed on ...

MAC Address Numbers And Letters
By:
January 1, 2016

Correct me if I'm wrong but MAC addresses start with 0-9 and A-F. Not always. MAC addresses are made up of 6 hexadecimal numbers, so they can start with any permutation on 0-9 and A-F. Sorry, I should have rephrased to say "can start with.." Either way you answered my question. I knew it was correct but one of the CCNA videos ...

Lists Of Linux Command
By:
January 1, 2016

I was looking around for a list of command and what they do and found these 2 to be useful. I am sure there are other if anyone else has to share. https://www.latesthackingnews.com/linux-basic-commands/ http://lifehacker.com/learn-basic-linux-commands-with-this-downloadable-cheat-1552019180 I was looking around for a list of command and what they do and found these 2 to be useful. I am sure there are other if ...

Linux - Unix Security Auditing Tools
By:
January 1, 2016

LUNARLockdown UNix Auditing and Reporting Introduction This scripts generates a scored audit report of a Unix host's security. It is based on the CIS and other frameworks. Where possible there are references to the CIS and other benchmarks in the code documentation. Why a shell script? I wanted a tool that was able to run on locked down systems where ...