May 16, 2013
The process of patching a Java executable (.jar files) without the original source code has been known for a while. As I know of, currently there are two ways of doing it: Decompile the executable > Import …
Last week Karl Fosaaen described the various trials and tribulations we went through at a hardware level in building a dedicated GPU cracking server. This week I will be doing a complete walkthrough for installing all the software that we use on our box. This includes installing the operating system , AMD drivers, oclHashcat-plus, and John the Ripper with OpenCL support.
This winter, we decided to create our own dedicated GPU cracking solution to use for our assessments. It was quite the process, but we now have a fully functional hash cracking machine that tears through NTLMs at roughly 25 billion hashes per second (See below). While attempting to build this, we learned a lot about pushing the limits of consumer-grade hardware.
I recently wrote a blog post about cracking email hashes from the iOS GameCenter application. During my research on the issue, I noticed that there were a number of games where users had insanely high scores. Lots of the users also had the exact same score (9,223,372,036,844,775,807) for each of the games that they played. Coincidentally this number is the largest possible signed integer value that you can have. It turns out that getting these high scores isn't that hard to do.
At some point, all penetration testers get asked, “Where did you learn all this stuff?” In my experience, the question often comes from clients and students interested in pen testing. Usually, they’re asking because they aren’t sure where to start. There are a number of two- and four-year college programs that can provide a nice structured approach, but generally I think penetration testing is like any other skillset; if you find the right resources, a good direction, and study hard, you’ll acquire the skills you’re looking for. However, I will say that it does help to already have a strong IT background.
I’ve written a plugin for Burp that takes a WSDL request and parses out the operations that are associated with the targeted web service and creates SOAP requests which can then be sent to a web service. This plugin builds upon the work done by Tom Bujok and his soap-ws project which is essentially the WSDL parsing portion of Soap-UI without the UI.
Copyright ©2012 NetSPI Inc. All rights reserved