Posted October 30th, 2011 by Jason
I’ve been digging through some PHP files that are trying very hard to hide what they are doing. Basically, the PHP code is base64 encoded and then compressed. The blob of random text is then stuffed into a PHP file which calls to decode it and execute it on the web server. While it obscures [...]
Tags: incident response, malicious php, obscured malicious code
Posted April 1st, 2011 by Jason
Metasploit has successfully broken into Skynet thanks to Comodo, RSA, MySQL and Stuxnet! Here is the output from msfconsole after updating today. Rock on guys. Technorati Tags: april 1st, Metasploit, skynet
Tags: april 1st, Metasploit, skynet
Posted January 19th, 2011 by Jason
A friend of mine asked a question on Facebook that went something like this. Who owns your company’s data? The politically correct answer is that the business owns the data and IT manages it for them. That’s nice in theory, but is it really true? Does your company have a data governance group (run by [...]
Tags: data governance, data security, information securit
Posted January 17th, 2011 by Jason
I spent some time today and fixed some seriously messed up regular expressions in Reconnoiter. Basically, Google made a bunch of changes to their search results and added AJAX all over the place. To deal with this, I changed the submitted user agent to Lynx and then updated the regex accordingly. Changes with regex were [...]
Tags: recon, Reconnoiter, username generation, web penetration testing, web security
Posted October 21st, 2010 by Jason
Things have been really busy lately. First off, my Mentor session for SANS Security 504 started on September 21st. We are at the halfway point right now and leading this has been incredible. It seems whenever I need to present or teach something I learn more than anyone else. Plus teaching is just fun! Particularly [...]
Tags: JW Network Consulting, Linux Basix Podcast, Metasploit, PFIC 2010, Utah Technology Events, UTOSC