PRINT
PRINT
SEND MAIL
SEND MAIL

Month: September 2017

TUTORIALS

Analysis of AddressBook and Call History data

Analysis of AddressBook and Call History data Analysis of artifacts on iOS devicesThroughout the following paragraphs, I will be going through a discussion about the objects on an iOS device and their interpretation. That is regardless whether it was the user’s interaction that generated them or the device itself along with its features. However, most of the extracted artifacts will be of one of two main formats. These are either the .plist files used for the sake of configuration files or of SQL database…

TUTORIALS

How to use Dander Spiritz Tool ( available with kerberos)

tutorial  by MisterCh0c I setup a lab with 2 Windows 7 machines (32 Bit but should wokr on 64 too), one for the attacker and one for the victim. I am using the FUZZBUNCH tool from the leak which is some kind of exploit framework kinda like metasploit. Basically you use it to run exploits. Let’s use the ETERNALBLUE (MS07–10) exploits to take over the victim machine   After that we have several option. We can run shellcode on the machine or any .dll or .exe. In…

TUTORIALS

SQLite Databases and Plist Files

SQLite Databases and Plist Files What about partitions?Partitions are the components on which different data could get stored inside a device. It comes without saying that the mechanisms differ according to the user to specify partitions and allocate storage to them when it comes to computers or personal laptops. On the other hand, one does not have that much freedom when it comes to a mobile device. The manufacturer of such equipment is the one responsible for such allocation of resources. Hence, Apple is…

TUTORIALS

Physical Acquisition of iOS data

How to acquire iOS data using physical acquisition techniques?Acquiring a bit by bit image of a system is always the best case in favor of someone performing forensics on a system. That is what is meant initially by the physical acquisition of IOS data. The next step of the procedure is to check that both the copy and the original data are precisely the same with no slight change. While this technique can be performed soundly and correctly on computers like laptops and desktops,…

TUTORIALS

Logical Acquisition on an iOS device

What are the operating modes of an IOS device?When it comes to iOS forensics it is really an important issue to understand and distinguish between the diverse operating modes that an iOS device could be working on. There are in fact three modes that are available for an iOS device to be working on. These include Normal Mode, Recovery Mode, and DFU Mode. An examiner shall be aware of such modes to turn a device into it while performing forensics on it. This aspect…

TUTORIALS

Metasploitable 3: Exploiting HTTP PUT

In this hacking tutorial we will be exploiting the HTTP PUT method on one of the Metasploitable 3 webservers to upload files to the webserver. If the HTTP PUT method is enabled on the webserver it can be used to upload a specified resource to the target server, such as a web shell, and execute it. In this tutorial we will look at how to determine if the HTTP PUT method is enabled and we’ll be using several different methods to upload a Meterpreter…

TUTORIALS

Fix openvas metasploit plugin errors (Object#timeout is deprecated, use Timeout.timeout instead.)

Open openvas plugin with favorite text editor like this: leafpad /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb locate the line 201 and replace : timeout(@read_timeout) { with  Timeout.timeout(@read_timeout) { Done ! close any open  metasploit console/terminal and load metasploit-framework again from a new terminal!