It's our honor to kick off our Member Spotlight with a Q&A with void_in, one of the most prolific contributors to the Metasploit project and an extremely active member of the Community. You'll frequently find him answering your Metasploit questions or helping you troubleshoot issues, no matter how simple or complex. void_in truly helps make our Community the vibrant and helpful place it is today, and is highly respected and admired for his expertise and his willingness to help others.
Without further ado, here's more on void_in's involvement with Metasploit and in the community -- in his own words. (And if you'd like to say hello or thanks, your comments are always welcome!)
Introduce yourself to the community.
My name is void_in. I wanted to have hdm as my handle, but that was already taken.
What is your professional background?
I am a penetration tester and SOC analyst. Initially I started as a system and network administrator but in the last 3 years I've been working in the infosec field full time.
You've contributed an incredible amount to the Metasploit project, as well as knowledge to the Community over the years. What made you want to contribute to Metasploit? What was your experience like when you were first starting out?
My first experience with Metasploit was in 2008 in college, but that was more for fun than profit! In 2010, I started using it for my job. Back then MS08_067_NetAPI was a big challenge in organizations and hence I had an easy time popping shells. However, client side exploits always required bypassing anti-virus, IDS and other defenses. At that time we didn't have projects such as Veil-Evasion and the process of making your code undetectable was more or less manual. Anti-virus people started having signatures for everything related to Metasploit and it was getting very difficult for people who didn't know the inner working of the framework to use it effectively for their jobs.
How did you become so passionate about sharing your Metasploit expertise in the community?
Projects like Metasploit are very difficult to document properly. The reason for that is the pace at which the framework is developed, as well as the fact that documentation is boring! We all use Metasploit extensively for our day-to-day jobs and I started feeling like the things we know with experience—such as how the DLL injections work, how Meterpreter is migrated from one process to another, look beyond shikata_ga_nai for AV bypass (it is still very difficult to convince people that encoders are not for making your code undetectable), how the create a custom stager etc—are never documented, and is treated as a tribal knowledge.
As people are always intimidated by asking these initial questions from the likes of hdmoore, James Lee, sinn3r and other founders of the framework, I felt they would feel more at ease interacting with me because I am just like them. That is when I started answering questions on the community site. Gradually it became a habit and offered me an opportunity to work in those areas of the framework which I wouldn't have otherwise. Also, giving something back to the community was something I always wanted to do.
What advice would you give other people who are interested in contributing to Metasploit? Are there any resources or readings that you'd recommend?
Take a look at https://github.com/rapid7/metasploit-framework/wiki. It has some wonderful tidbits from how to setup the development environment to making sure you don't commit silly mistakes and take full advantage of the library offered by the framework.
If you don't have experience with coding, there are other areas in which you can contribute. Go to the Metasploit pull request page https://github.com/rapid7/metasploit-framework/pulls, checkout any PR which hasn't been tested by someone other than the author, test it in your own environment and give your feedback whether it worked or not. It is a huge huge contribution knowing that that the module worked in an environment other than the one setup by the author and help speeding up the landing of the module.
If you see a question about a problem on a community site that you have encountered and solved, write down the steps and answer the question. Not only will it make the community site more responsive, it will give you recognition among your peers as well.
What does Open Source mean to you?
Open source is the number one reason we have projects like Metasploit. Closed source not only means a huge amount in license costs, it also means legislation like Wassenaar will make it almost impossible to get benefit from the research already done in other parts of the world. Open source not only make better software but it makes better programmers. If you want to be a better programmer, start contributing to an actively-maintained open source project.
What is the most interesting hack you've ever pulled off?
Exploiting the software which is supposed to provide protection to the environment is always fun. I remember exploiting a SQL injection flaw in Symantec Endpoint Protection server, extracting the Administrator hash and using pass-the-hash to get DA in less than an hour of the engagement. Also, MS14-068 was fun for a little while because for the first time I had to write "Go study Kerberos" in the recommendation for the system administrators.
What's your favorite book?
Chained Exploits - Advanced Hacking Attacks is a great read. http://www.amazon.com/Chained-Exploits-Advanced-Hacking-Attacks/dp/032149881X
Our sincere thanks to void_in for all his incredible community contributions, and for being our very first Community Member Spotlight!
If there's someone you'd like to recognize for their work in the community and see in the spotlight, please let me know: leave a comment, PM me Maria Varmazis, @mvarmazis on Twitter, or email me at community at rapid7 dot com.