Metasploit ActiveRecord Error

Today, during a pentest, I encountered the following error when running the Psexec Metasploit module with local account credentials:

Exploit failed: ActiveRecord::RecordInvalid Validation failed: Value can’t be blank

I was a little thrown off by this as I have never experienced it before. It is a Ruby error referring to an empty smbdomain field. Although the field is…

Powerview Caught By Symantec Endpoint Protection

It has finally happened: Matt Graeber’s Powerview PowerShell cmdlet was caught by Symantec Endpoint Protection (SEP) during a pentest this week. The cmdlet is SID 29038 in Symantec’s attack signature database.

Scenario

During testing I used the following one-liner to download and import the powerview.ps1 script and then execute Invoke-FindLocalAdminAccess from a general user’s desktop: powershell…

Manually Brute Forcing Against Form Tokens.

Last week I ran into a situation where I needed to manually brute force a webapp login form that used form tokens to request authentication. Our client wanted to see how far we could get in a black box scenario. The unauthenticated portion of the webapp was nothing more than a typical login page complete with…

Change SSH port

I am changing the SSH port on my Kali box so that it will accept sessions on port 443. This way I can connect to it anywhere that port 443 is open. Enter the following and then restart the ssh service.

Installing VMware tools on Kali

You need the kernel headers!

echo cups enabled >> /usr/sbin/update-rc.d
echo vmware-tools enabled >> /usr/sbin/update-rc.d
apt-get install gcc make linux-headers-$(uname -r)
ln -s /usr/src/linux-headers-$(uname -r)/include/generated/uapi/linux/version.h /usr/src/linux-headers-$(uname -r)/include/linux/
cp VMwareTools-*.tar.gz /tmp/
tar zxpf VMwareTools-*.tar.gz
sudo ./ -d