SANS Brisbane has just kicked off !!
More pics to come during the week
Browsing Posts published in May, 2010
** NEWS JUST IN **
Downloads and more information: http://www.metasploit.com
After five months of development, version 3.4.0 of the Metasploit Framework has been released. Since the last major release (3.3) over 100 new exploits have been added and over 200 bugs have been fixed.
This release includes massive improvements to the Meterpreter payload; both in terms of stability and features, thanks in large part to Stephen Fewer of Harmony Security. The Meterpreter payload can now capture screenshots without migrating, including the ability to bypass Session 0 Isolation on newer Windows operating systems. This release now supports the ability to migrate back and forth between 32-bit and 64-bit processes on a compromised Windows 64-bit operating system. The Meterpreter protocol now supports inline compression using zlib, resulting in faster transfers of large data blocks. A new command, “getsystem”, uses several techniques to gain system access from a low-privileged or administrator-level session, including the exploitation of Tavis Ormandy’s KiTrap0D vulnerability. Brett Blackham contributed a patch to compress screenshots on the server side in JPG format, reducing the overhead of the screen capture command. The pivoting backend of Meterpreter now supports bi-directional UDP and TCP relays, a big upgrade from the outgoing-only TCP pivoting capabilities of version 3.3.3.
This is the first version of Metasploit to have strong support for bruteforcing network protocols and gaining access with cracked credentials. A new mixin has been created that standardizes the options available to each of the brute force modules. This release includes support for brute forcing accounts over SSH, Telnet, MySQL, Postgres, SMB, DB2, and more, thanks to Tod Bearsdley and contributions from Thomas Ring.
Metasploit now has support for generating malicious JSP and WAR files along with exploits for Tomcat and JBoss that use these to gain remote access to misconfigured installations. A new mixin was creating compiling and signing Java applets on fly, courtesy of Nathan Keltner.
Thanks to some excellent work by bannedit and Joshua Drake, command injection of a cmd.exe shell on Windows can be staged into a full Meterpreter shell using the new “sessions -u” syntax.This marks the first major release developed under the Rapid7 label and coincides with general availability of Metasploit Express, our first commercial product. We hope you enjoy using the framework as much as we like working on it.
- The Metasploit Team
Following a very successful program in 2009, we are returning to Australia’s Capital City for SANS Canberra 2010 on 12-17 July to deliver SANS’ world-class information security training.
Register by 3 June to receive the best savings on the following courses:
- Security 401: SANS Security Essentials Bootcamp Style (GSEC) taught by Mark Hofman, SANS Certified Instructor
- Security 503: Intrusion Detection In-Depth (GCIA) taught by Johannes Ullrich, Ph.D., SANS Certified Instructor
- Audit 507: Auditing Networks, Perimeters, and Systems (GSNA) taught by James Tarala, SANS Senior Instructor
- Forensics 610: Reverse-Engineering Malware: Hands-On Analysis Tools and Techniques (GREM) taught by Michael Murr, SANS Certified Instructor
- Security 577: Virtualization Security Fundamentals – NEW! taught by James Tarala, SANS Senior Instructor
For complete course descriptions see our Event-at-Glance page.
Put the skills you’ll learn to practical use and more than GIAC certified professionals who make the info sec industry safe! Visit the GIAC Roadmap page for more information and register for your certification attempt today!
SANS training is well-known for being relevant and pragmatic. Out Canberra 2010 instructors are industry leaders and experts who understand the challenges you face on a daily basis. Their real-world experience increases the practical value of the course material.
Classes will be held at the National Convention Centre in Canberra. Canberra is one of Australia’s few planned cities, a place where architectural style complements the beauty of the surrounding Australian bush. Located on the ancient lands of the traditional owners, the Ngunnawal people, Canberra is thought to derive its name from the Aboriginal word Kamberra or ‘meeting place.’ Canberra is known for its hospitality with its trendy cafes, restaurants, nightclubs, museums and galleries, boutique shopping. Explore the cities trails and weekend markets for fresh regional produce and local wines.
To follow or tweet about this event, use hashtag #sanscanberra. Follow SANS at @SANSInstitute.
Get the training you need to advance your career. Start making your training and travel plans now to join us for SANS Canberra 2010!
http://www.sans.org/brisbane-2010/night.php
SANS @Night
Look Out! Open Source Extrusion Detection
- Eric Conrad
- Tuesday 25 May * 7:00pm – 8:00pm
Your firewall has been turned inside-out. With the advent of client-side attacks, infected USB drives, and infected mobile devices, perimeter network defenses have failed. The bad guys are already in. How do you stop them? By looking out. This talk will discuss techniques for detecting the outbound flow of sensitive information: extrusion detection. Eric Conrad will discuss the successful attacks and failed perimeter defenses that lead to the creation of Xfiltr8, the open source Extrusion Detection live CD
Read Eric’s bio here: http://www.sans.org/brisbane-2010/faculty.php
Location
The Marque
103 George Street
Brisbane, Queensland
To register:
Send RSVP to rkantor@shearwater.com.au
In the email please state:
Full Name
Company
OpenDNS
