Welcome to In Depth Defense. In Depth Defense LLC is a privately owned Information Security Consulting company owned and operated by Mark Baggett. In Depth Defense specializes in Penetration Testing and Incident Response. At this time In Depth Defense is not accepting any new client work, but we are happy to speak to you and point you to other resources in the community.

Mark Baggett has been active in Information Security for 18+ years. I've served in a variety of roles from software developer to CISO. You can find archives of older blog entries below and read my newer posts on http://www.pauldotcom.com, http://isc.sans.edu and http://pen-testing.sans.org.

Tuesday, December 30, 2008

Jing - OS X Screen Capture & Metasploit Route

I was trying out Jing over the weekend and I like it. It's free screen capture software for your Macintosh. It allows you to capture a movie from your desktop and give it a voice-over. Then you can save the contents as an Adobe Flash movie. It integrates with www.screencast.com and allows you to upload and share files with the world, all for free as long as you stay beneath 2 GB per month. One drawback is that it doesn't come with editing software, so unless you use a separate tool you need to get it right in one take. Check it out here: http://www.jingproject.com

To try it out I made a video (one take) of using Metasploit's route statement to accomplish a true pivot. Route is a command that can be run from within the Metasploit console. It routes attacks through an existing Meterpreter session. The route statement does not alter the routing tables on the attacking host. It is also different from the route statement that alters the client host when you are in the Meterpreter session. This route statement alters the routing tables used by Metasploit (see lib/rex/socket/switch_board.rb). Not all Metasploit tools will honor the routes. It seems that those built on "Session" objects, which use the "Comm" object, honor the routes. Some components (such as auxiliary modules) do not inherit the comm and/or switchboard objects and thus do not honor the routes.
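The behaviour described above can be pictured with a small Ruby model, added here as an illustration and not taken from Metasploit's source: a per-process table maps subnets to a "comm", and only components that consult the table are routed. The names `ToySwitchBoard` and `connection_origin` and the most-specific-match rule are assumptions of this sketch. The point for anyone reading network logs is that a routed connection appears to originate from the host holding the session.

```ruby
require 'ipaddr'

# Simplified model (NOT Metasploit code; all names are hypothetical) of an
# in-process route table: subnet -> "comm", the channel that opens sockets.
class ToySwitchBoard
  Route = Struct.new(:net, :comm)

  def initialize(local_comm)
    @local  = local_comm   # used when no route matches
    @routes = []
  end

  # Loosely mirrors the console's "route add <subnet> <netmask> <session>".
  # Nothing here touches the operating system's routing table.
  def add_route(subnet, netmask, comm)
    @routes << Route.new(IPAddr.new("#{subnet}/#{netmask}"), comm)
  end

  # Assumption of this model: the most specific matching subnet wins.
  def best_comm(addr)
    ip    = IPAddr.new(addr)
    match = @routes.select { |r| r.net.include?(ip) }
                   .max_by { |r| r.net.prefix }
    match ? match.comm : @local
  end
end

# Where a connection to +host+ appears to come from.
# honors_routes: true  -> the component asks the switchboard for a comm.
# honors_routes: false -> the component opens its own socket and never
#                         consults the table, so it always leaves locally.
def connection_origin(board, host, honors_routes:)
  honors_routes ? board.best_comm(host) : 'local'
end

# Constructed sample data: one session routed to an internal /16.
board = ToySwitchBoard.new('local')
board.add_route('10.1.0.0', '255.255.0.0', 'session 1')

[['10.1.5.20', true], ['10.1.5.20', false], ['192.168.1.1', true]].each do |host, honors|
  origin = connection_origin(board, host, honors_routes: honors)
  puts "#{host} (honors routes: #{honors}) -> leaves via #{origin}"
end
```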

Check the video out here.