em Posted June 18, 2015 Report Posted June 18, 2015 Se pare c? Nytro ne reprezint? la DEFCONThe post-exploitation activities in a penetration test can be challenging if the tester has low-privileges on a fully patched, well configured Windows machine. This work presents a technique for helping the tester to find useful information by sniffing network traffic of the applications on the compromised machine, despite his low-privileged rights. Furthermore, the encrypted traffic is also captured before being sent to the encryption layer, thus all traffic (clear-text and encrypted) can be sniffed. The implementation of this technique is a tool called NetRipper which uses API hooking to do the actions mentioned above and which has been especially designed to be used in penetration tests, but the concept can also be used to monitor network traffic of employees or to analyze a malicious application.Ionut works as a Senior Security Consultant at KPMG in Romania. He is passionate about ASM, reverse engineering, shellcode and exploit development and he has a MCTS Windows Internals certification.He spoke at various security conferences in Romania like: Defcamp, OWASP local meetings and others and also at the yearly Hacknet KPMG international conference in Helsinki and Berlin.Ionut is also the main administrator of the biggest Romanian IT security community: rstforums.com and he writes technical articles on a blog initiated by a passionate team: securitycafe.ro.Sursa: https://www.defcon.org/html/defcon-23/dc-23-speakers.html#PopescuFelicit?ri b?. 1 Quote
QuoVadis Posted June 19, 2015 Report Posted June 19, 2015 (edited) Sper sa nu ma aleg cu warn, insa nu m-am putut abtine . Omul este un artist si ii dedic asta lui:(vorba lui em) Felicit?ri b?! Edited June 19, 2015 by Nytro Quote
Matthew Posted August 18, 2015 Report Posted August 18, 2015 numa cine are salariu 10k+ @em ? )Helo! I'm a nijerian printz Quote
sp3cial1st Posted August 19, 2015 Report Posted August 19, 2015 Alta bufnita cu tupeu! de unde atatea papagali, mare-i gradina ta doamne. Quote
Nytro Posted February 8, 2018 Report Posted February 8, 2018 https://www.blackhat.com/asia-18/presenters/Ionut-Popescu.html 3 8 Quote
Nytro Posted February 13, 2018 Report Posted February 13, 2018 Added support for Chrome 64 (only 64 bits right now). 1 Quote
Members Matasareanu Posted February 14, 2018 Members Report Posted February 14, 2018 10 hours ago, Nytro said: Added support for Chrome 64 (only 64 bits right now). Ne pregatim de conferinta ? Quote
Nytro Posted February 23, 2018 Report Posted February 23, 2018 Added support for Chrome 64 (32 bits) to NetRipper https://github.com/NytroRST/NetRipper 3 Quote
Nytro Posted March 6, 2018 Report Posted March 6, 2018 NetRipper - Added support for Putty 0.7.0 (32 bits) 1 1 1 Quote
Nytro Posted March 8, 2018 Report Posted March 8, 2018 NetRipper - Added support for Putty 0.7.0 (64 bits) https://github.com/NytroRST/NetRipper 1 Quote
Nytro Posted March 11, 2018 Report Posted March 11, 2018 NetRipper - Added support for WinSCP 5.1.3 https://github.com/NytroRST/NetRipper 2 Quote
Nytro Posted March 15, 2018 Report Posted March 15, 2018 NetRipper - Added Metasploit module https://github.com/NytroRST/NetRipper Poate cineva sa faca niste teste? Ar fi util sa stiu daca sunt probleme atat cu capturarea traficului cat si cu modulul de Metasploit. Orice sugestie e apreciata. Quote
Nytro Posted April 2, 2018 Report Posted April 2, 2018 https://nytrosecurity.com/2018/03/31/netripper-at-blackhat-asia-arsenal-2018/ 3 Quote
