DNS exploit in the wild

July 23, 2008 By 4 Comments


We’ve been tracking Metasploit commits since Matasano’s premature publication of [Dan Kaminsky]‘s DNS cache poisoning flaw on Monday knowing full well that a functional exploit would be coming soon. Only two hours ago [HD Moore] and [I)ruid] added a module to the Metasploit Project that will let anyone test the vulnerability (with comment: “ZOMG. What is this? >:-)“). … Read the rest

Filed Under: news, security hacks Tagged With: , , , , , , ,

ARP poisoning is still a problem

June 4, 2008 By 5 Comments


You’ve no doubt heard that the site hosting Metasploit, the exploit framework, was hacked earlier this week, but what you may not have heard is that it was done using a layer 2 attack. Though Metasploit.com was not actually cracked, a server on the same VLAN was compromised and used to ARP poison the gateway. ARP poisoning is … Read the rest

Filed Under: news Tagged With: , , , , , ,

Wireless hacking with the OLPC XO

May 27, 2008 By 10 Comments


Not even a week ago we asked what we should do with our OLPC XO. InformIT’s [Seth Fogie] has written a great two part article that covers turning it into a hacker toolkit. Part one is an overview of the OLPC, how to upgrade it, and do some usability tweaks. Part two covers installing Nessus, Metasploit, and doing … Read the rest

Filed Under: wireless hacks Tagged With: , , , , ,