NETwork Security Consortium

Arp poisoning the WMF exploit
Saturday 14 January 2006 by Sleepless

mini-pentoo in action - mpentoo
mpentoo video - arp poison the wmf exploit using ettercap filters

A little video to give you an idea of some of the capabilities of the new mpentoo-beta.

This video uses the 184mb mpentoo-beta to run msfweb, ettercap, and some filters to exploit the wmf bug. Injecting the reverse_meterpreter payload allows for grabbing admin hashes easy, and www.plain-text.info was used to crack the hash.
Provided format are MP4, WMV and DivX.

Let us know what you think on email or irc.

mpentoo-beta.arp.poison.wmf.wmv

7.1 Mb

mpentoo-beta.arp.poison.wmf.mp4

9.7 Mb

mpentoo-beta.arp.poison.wmf.avi

28.5 Mb

Plaintoo in action
Thursday 20 April 2006 by Grimmlin

This video feature plaintoo, a frontend for the bkhive and samdump2 tools, used to retrieve LM and NTLM hashes from the windows SAM. The retrieved hashes can then be cracked on the Plaint-Text.info site.

The video was made by Sleepless, using the latest mini pentoo livecd. Plaintoo is available as a module here.

Provided format are MP4, WMV and DivX.

Let us know what you think on email or irc.

plaintoo.avi

22.6 Mb

plaintoo.mp4

5.1 Mb

plaintoo.wmv

3.7 Mb

Arp poisoning the WMF exploit Saturday 14 January 2006 by Sleepless

Plaintoo in action Thursday 20 April 2006 by Grimmlin

Arp poisoning the WMF exploit
Saturday 14 January 2006 by Sleepless

Plaintoo in action
Thursday 20 April 2006 by Grimmlin