Samba “Improvements” Updated
by jmk on Sep.03, 2009, under Uncategorized
I’ve updated my Samba modifications for the 3.3.7 release. The patch adds support to Samba utilities for passing-the-hash. For the uninformed, this allows you to leverage hashes gathered with such excellent tools as FgDump, without needing to ever crack the password. You can simply pass-the-hash and mount remote shares, create new accounts, etc. as the targeted account. Another bit of goodness here are some changes to the nmbd and smbd daemons. With this patch, nmbd will respond to all broadcast requests. Smbd will log any challenge/response handshakes. All sorts of fun can be had with this… See the following pages for more information:
http://www.foofus.net/jmk/smbchallenge.html/
http://www.foofus.net/jmk/passhash.html
Gordo Attacks
by omi on Aug.01, 2009, under Uncategorized
This is mildly entertaining for me.
The guys over at StackOverflow.com were doing a podcast and the subject of NTP servers came up. At the end of the podcast, Joel and Jeff discuss various methods of eliminating error messages related to the Windows time service. The conversation soon moved to the idea of using the NTP.org pool of time servers. By default, Windows sends NTP traffic to time.windows.com, or somesuch. The NTP.org pool consists of time servers, run by volunteer system administrators, scattered across the globe. If you don’t know about NTP.org, I suggest you start here.
During the discussion, Jeff typed us.pool.ntp.org into his browser and was redirected to gordo.foofus.net. Gordo, you see, is a NTP (time) server participating in the NTP.org server pool.
This all happened at the end of Episode 52 of the awesome Stack Overflow podcast:
[ Stack Overflow ep.52 - Gordo strikes @ 1:02:00 (mp3) ]
Of course, Gordo must respond to this:
[ Gordo's Official Response ]
Stack Overflow knows how to closeout a show:
[ Stack Overflow ep.58 - starts around 1:00:00 (mp3) ]
Found in my mailbox…
by foofus on May.15, 2009, under Uncategorized
I got a pretty ridiculous flyer in my mailbox yesterday, and I thought I’d share. Enjoy!
It’s official, I’m an ass!
by omi on Apr.01, 2009, under Uncategorized
The latest, and most prodigious, certification in recent years was unveiled recently and I’m proud to announce that I’ve passed their rigorous testing.
You too can attempt to conquer this mountain by going here: http://www.asscert.com/
Foofus.Net Mailing List
by jmk on Feb.17, 2009, under General
Have a FgDump/PwDump or Medusa question? Join our mailing list and we’ll help you out.
http://lists.foofus.net/listinfo.cgi/foofus-tools-foofus.net
Medusa 1.5 Release
by jmk on Feb.17, 2009, under Medusa
Fellow Pen-testers:
Version 1.5 of Medusa is now available for public download.
What is Medusa? Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. It currently has modules for the following services: AFP, CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), NNTP, PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (AUTH/VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC. It also includes a basic web form module and a generic wrapper module for external scripts.
While Medusa was designed to serve the same purpose as THC-Hydra, there are several significant differences. For a brief comparison, see:
http://www.foofus.net/jmk/medusa/medusa-compare.html
It’s been over a year since version 1.4 was released and there has been a bunch of changes. This release includes multiple bug fixes, several new modules and additional module functionality. The following is a quick rundown on some of the new features. A somewhat detailed report is available here: http://www.foofus.net/jmk/medusa/ChangeLog
* AFP – new module (still marked as unstable)
* HTTP – digest auth support
* IMAP – STARTTLS, NTLM support
* POP3 – STARTTLS, LOGIN, PLAIN, NTLM support
* SMBNT – LM, LMv2, NTLMv2 support
* SMTP – NTLM support
* TELNET – AS/400 (TN5250) support
* misc. core and module bug fixes
Finally, the main documentation and actual files are located here:
http://www.foofus.net/jmk/medusa/medusa.html
http://www.foofus.net/jmk/tools/medusa-1.5.tar.gz
Medusa was developed on Gentoo Linux and FreeBSD. Some limited testing has been done on other platforms/distributions (OpenBSD, Debian, Ubuntu, Darwin, Mac OS X, Solaris). If people wish to contribute patches to fix portability issues, I’d be happy to accept them. There are probably lots of bugs which have yet to surface. Please let me know if you encounter issues, fix a bug or just find the application useful.
Enjoy,
Joe
New Foofus.Net Blog
by jmk on Feb.17, 2009, under General
Welcome to the new Foofus.Net blog!
If you’re in search of our fascinating old content, here you go:
- FgDump
- Medusa
- Walt Weeks, our hero
- Foofus’s talks ToorCon, DefCon 12 (materials, presentation)
- cease and desist stationary
- our opinion on the Large Hadron Collider
- the work of the true genome discoverer
- the tim green and badger love saga (part i, ii, iii, oh noes angry domo)
