Blog
News and updates from OffSec
Jan 27, 2014
Generating Kali Raspberry Pi Images
“Kali Linux Raspberry Pi Image Updated!” That was supposed to be the “tweet” we would release, telling everyone our new Kali Linux Raspberry Pi image was supposedly better than our old one. We often update our followers with news like this on twitter, and this tweet would be no different. However, this time, we thought it would be interesting to tell you about the mechanics of updates like these, and shed some light on how these “news items” come about. This post will also give us the opportunity to describe the process of running our custom Kali Linux ARM build scripts, by way of a story. If you couldn’t care less about this story, and just want the updated image – head straight to our Kali Linux Custom Image page!
Categories
OffSec News
Exploit Database Hosted on GitHub
We have recently completed some renovations on the Exploit Database backend systems and moved the EDB exploit repository to Github. This means that it’s now easier than ever to copy, clone or fork the whole repository. The previous SVN CVS has been retired.
Jan 7, 2014
1 min read
Insights
Bug Bounty Program Insights
With the nature of our business, we at Offensive Security take our system security very seriously and we appreciate the benefits of having “the crowd” scrutinize our internet presence for bugs. For this reason, we recently started our own Bug Bounty Program, which provides incentives for researchers to inform us of possible vulnerabilities in our sites in exchange for cash rewards.
Dec 23, 2013
5 min read
Penetration Testing
Penetration Testing with Kali Linux – Online Course Update
Over a year ago, when we first sat down and began on what would become Kali Linux, we realized that with all the major changes, we would also need to update our flagship course, Penetration Testing with BackTrack (PWB), to be inline with Kali Linux. With the release of Kali, we ensured that we mentioned the impact this would have on PWB and that an update to the course was in the works.
Dec 19, 2013
3 min read
Exploit Development
NDPROXY Local SYSTEM exploit CVE-2013-5065
In the past few days there has been some online chatter about a new Windows XP/2k3 privilege escalation, well documented by FireEye. Googling around, we came across a Twitter message which contained a link to a Chinese vulnerability analysis and PoC.
Dec 4, 2013
1 min read
Enterprise Security
Penetration Test Report 2013
We are proud to release a new, updated, sample penetration test report. This report accurately reflects the types of assessments we conduct for our clients. It incorporates changes we have made over the last two years based on customer feedback, as well as reflecting many of the types of attacks we have found to be effective in multiple customer environments.
Sep 3, 2013
3 min read
Kali Linux
Kali Linux ISO of Doom
In our last blog post, we provided an example of running an unattended network installation of Kali Linux. Our scenario covered the installation of a custom Kali configuration which contained select tools required for a remote vulnerability assessment using OpenVAS and the Metasploit Framework.
Aug 27, 2013
5 min read
Kali Linux
Kali Linux Unattended PXE Install
Our last blog post on the Kali Linux site discussed implementing some cool scenarios with Kali Linux, such as remote unattended installations, creating custom Kali Linux ISOS, and getting Kali working on funky ARM hardware. We received several emails from people asking for more information on how to implement these scenarios, so we thought we’d make a few blog posts with more detailed examples.
Aug 12, 2013
4 min read
Kali Linux
Kali Linux on a Galaxy Note 10.1
Here at Offsec, we love playing with hardware. Be it something like the Onity Hotel Door Unlocker, a Teensy USB HID attack payload, or RFID hacks – if it’s shiny, we like it. While we were in the last stages of developing Kali Linux, we made the effort to to get Kali working on some ARM hardware, such as the Samsung Chromebook, Odroid U2, Raspberry Pi and RK3306 devices such as the SS808, and then contributed these to the community as “Unofficial Trusted Images”, together with the Official Kali Linux downloads.
Apr 2, 2013
2 min read
Kali Linux
Kali Linux Has Been Released!
Seven years of developing BackTrack Linux has taught us a significant amount about what we, and the security community, think a penetration testing distribution should look like. We’ve taken all of this knowledge and experience and implemented it in our “next generation” penetration testing distribution.
Mar 13, 2013
1 min read
Kali Linux
BackTrack Reborn – Kali Linux
It’s been 7 years since we released our first version of BackTrack Linux, and the ride so far has been exhilarating. When the dev team started talking about BackTrack 6 (almost a year ago), each of us put on paper a few “wish list goals” that we each wanted implemented in our “next version”. It
Jan 22, 2013
1 min read
Research & Tutorials
Yahoo DOM XSS 0day – Not fixed yet!
After discussing the recent Yahoo DOM XSS 0day with Shahin from Abysssec.com, it was discovered that Yahoo’s fix set in place on 6:20 PM EST, Jan 7th, 2013 is not effective as one would hope.
Jan 8, 2013
2 min read
Exploit Development
Fun with AIX Shellcode and Metasploit
In one of our recent pentests, we discovered an 0day for a custom C application server running on the AIX Operating System. After debugging the crash, we discovered that the bug could lead to remote code execution and since we don’t deal very often with AIX exploitation, we decided to write an exploit for it. The first steps were accomplished pretty quickly and we successfully diverted the execution flow by jumping to a controlled buffer. At this point, we thought we could easily generate some shellcode from MSF and enjoy our remote shell.
Nov 20, 2012
6 min read
Join the OffSec Community!
Our community members connect, communicate and collaborate on all things cybersecurity.