Creating a better meterpreter reverse_http handler…

EDIT: As of framework commit 912bfd5, the features described in this post are now part of the framework itself… learning just a little more about how MSF works… IMHO, meterpreter/reverse_http is one of the best payloads available in the Metasploit arsenal. This post is about modifying the handler part so it will look less suspicious, and … [Read more…]

Using “stunnel” to run “Havij” against “HTTPS” sites.

I am all into sqlmap; however, there are situations where sqlmap just fails for one reason or another, and Havij gets the job done. One major problem with Havij is that it doesn’t work with HTTPS sites “at least for me”, and I came across a particular site with a confirmed SQLi that when I … [Read more…]

Creating the Cheapest “ugliest” Passive Ethernet tap on earth!

This post shows how to create a passive Ethernet tap using only an Ethernet cable and four RJ-45; it is not about creating a good passive Ethernet tap, or even explaining what it is, which has already been explained better by others. The result will be ugly, not optimal… but hey, it works! Passive … [Read more…]