I wanted to learn how to use scapy, specifically to craft some packets that could confuse IDS operators at a blue team/red team exercise at SANS Boston. Now, I’ve used packETH for this before (and it works like a charm), but I wanted to learn something that could be scripted on the command line. So… Read more »
Monthly Archives:: August 2010
Teaching John how to crack MySQL passwords
I’m attending the SANS SEC542 course this week in Boston, and during one of the exercises I managed to extract some MySQL password hashes via a SQL injection. Needless to say, I wanted to get the password for the database users, so I thought I’d feed it to my trusty friend John the Ripper for… Read more »
Hello world!
Hello world, and welcome to my blog about security, hacking and technology in general.