I've got good news and bad news for those of the misguided perception that Linux is somehow impervious to attack or compromise. The bad news is that it turns out a vast collection of Linux systems may, in fact, be pwned. The good news, at least for IT administrators and organizations that rely on Linux as a server or desktop operating system, is that the Trojan is in a download that should have no bearing on Linux in a business setting.

It's all blah blah, but tell the author what you think

One of the questions that we often hear is "What systems can i use to test against?" Based on this, we thought it would be a good idea throw together an exploitable VM that you can use for testing purposes.Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image. A number of vulnerable packages are included, including an install of tomcat 5.5 (with weak credentials), distcc, tikiwiki, twiki, and an older mysql.

Botnet agents and malware go through inordinate lengths to hide their command and control traffic. From a penetration testing perspective, emulating these types of communication channels is possible, but often requires a custom toolkit to be deployed to the target. In this post I will walk through using the standard Metasploit Meterpreter payload as a persistent encrypted remote control tool.

The Metasploit Console (msfconsole) has supported the concept of resource files for quite some time. A resource file is essentially a batch script for Metasploit; using these files you can automate common tasks. If you create a resource script called ~/.msf3/msfconsole.rc, it will automatically load each time you start the msfconsole interface. This is a great way to automatically connect to a database and set common parameters (setg PAYLOAD, etc). Until this morning, however, resource scripts were limited to simple console commands.

Curiously many Linux administrators out there are clueless about properly securing or configuring a server. The following steps can significantly increase the stability and security of any Linux servers. These tips are all easy and quick to do as each can be completed in less than fifteen minutes!

As of this afternoon, the msfencode command has the ability to emit ASP scripts that execute Metasploit payloads. This can be used to exploit the currently-unpatched file name parsing bug feature in Microsoft IIS. This flaw allows a user who can upload a "safe" file extension (jpg, png, etc) to upload an ASP script and force it to execute on the web server.

Even though Metasploit 3.3.3 was just released on December 23rd, the holidays provided some free time for the community and the development team to add more shiny to the Metasploit Framework.

For those of you who don't know me, I have been a developer and computer security enthusiast for many years. I have been involved in computer security, specifically, for the last ten years. The first six years were as an independent research and hobbyist. I have spent the last four years working professionally as a software vulnerability researcher.

Tomorrow I will become the latest addition to the Metasploit and Rapid7 team, filling the Exploit Developer position. I am truly honored to have the chance to be part of such a talented team.

Last week we released Metasploit 3.3.2 following on the heels of Metasploit 3.3.1. This release marked a major change to how the Meterpreter backend processed commands; instead of running each request serially, the Meterpreter now spawns a background thread for each request.

Last night, Kingcope uploaded a video to youtube demonstrating a logic flaw in the Samba CIFS service (this was followed by a mailing list post). This bug allows any user with write access to a file share to create a symbolic link to the root filesystem. From this link, the user can access any file on the system with their current privileges.