Rapid7 Blog

David Maloney  

AUTHOR STATS:

8

Introducing RubySMB: The Protocol Library Nobody Else Wanted To Write

The Server Message Block (SMB) protocol family is arguably one of the most important network protocols to be conversant in as a security professional. It carries the capability for File and Print Sharing, remote process execution, and an entire system of Named Pipes that serve…

Replacing Pedantry with Positive Interaction

The recent vBulletin hack is the most recent case of a compromise being labeled as a 'sophisticated attack.' Predictably, the internet exploded with people complaining about this label, stating that it was just SQL Injection. The same thing occurred with the news of…

Safely Dumping Domain Hashes, with Meterpreter

UPDATE: It has been pointed out that there is prior work worth noting. This blog post by Damon Cortesi talked about using Volume Shadow Copy to get the SAM file back in 2005. As with all things in our Industry, we stand on the shoulders…

12 Days of HaXmas: Buffer Overflows Come and Go, Bad Passwords are Forever

This post is the fourth in a series, 12 Days of HaXmas, where we take a look at some of the more notable advancements and events in the Metasploit Framework over the course of 2014. This summer, the Metasploit team began the large undertaking of reworking…

PSExec Demystified

Multiple modules inside the Metasploit Framework bear the title PSExec, which may be confusing to some users. When someone simply refers to "the PSExec module", they typically mean exploit/windows/smb/psexec, the original PSExec module. Other modules are more recent additions, and…

The Odd Couple: Metasploit and Antivirus Solutions

I hear a lot of questions concerning antivirus evasion with Metasploit, so I'd like to share some of the information critical to understanding this problem. This blog post is not designed to give you surefire antivirus (AV) evasion techniques, but rather to help you understand the…

Abusing Windows Remote Management (WinRM) with Metasploit

Late one night at Derbycon, Mubix and I were discussing various techniques of mass ownage. When Mubix told me about the WinRM service, I wondered: "Why don't we have any Metasploit modules for this yet?" After I got back, I began digging. WinRM/WinRS: WinRM is…

Recon, Wireless, and Password Cracking

The Metasploit Framework continues to grow and expand with the support of the community. There have been many new features added to the Metasploit Framework over the past month. I am very excited to be able to share some of these new developments with you.…