Welcome to In Depth Defense. In Depth Defense LLC is a privately owned Information Security Consulting company owned and operated by Mark Baggett. In Depth Defense specializes in Penetration Testing and Incident Response. At this time In Depth Defense is not accepting any new client work, but we are happy to speak to you and point you to other resources in the community.
Mark Baggett has been active in Information Security for 18+ years. I've served in a variety of roles from software developer to CISO. You can find archives of older blog entries below and read my newer posts on http://www.pauldotcom.com, http://isc.sans.edu and http://pen-testing.sans.org
Sunday, March 22, 2009
Metasploit adds new keylogger and Mac payloads
Metasploit added some pretty interesting payloads to its arsenal this week. First, Meterpreter (the only payload you'll ever need) added a keylogger. Plus, they have added some cool payloads for the Mac. There are a set of isight payloads that will snap a picture from the isight camera (bind_tcp, reverse_tcp, etc). This payload is an part of the "bundle inject" payload which are documented in the Mac OS X hackers handbook this looks like it could be the beginning of a meterpreter like plug-able payload for OSX. Charles Miller, winner of the new Macintosh Powerbooks at both the 2008 and 2009 Pwn2Own contests is coauthor of the payloads along with Dina Dia Zovi. That is definitely a book I will be adding to my library. Here is a recent presentation with some interesting information on the payloads.