moomba's blog

Is Nmap smarter than Trustwave

A year ago, when I was working for a company that had outdated firewalls at their store locations, we were required to abide by PCI 2.0 requirements. Well, we had issues with these firewalls not completing a PCI scan. I worked with Trustwave to no end on why these were timing out and not finishing their scans, and the engineer assisting me at the time actually shared the nmap scan that was occurring from their cloud ASV scanners.

Mobile Penetration Testing Notes

GMOB Notes

iPhone Backup Browser - simple
Magic Berry IPD Reader
BlackBerry Backup Extractor
Windows Phone backup - %LOCALAPPDATA%\Microsoft\une\ZuneStore.sdf - no utility that can view this data nicely.

Android Device Backup - nothing from Google because it uses the cloud
McAfee WaveSecure
MyBackup Pro

Unlocking the devices
Elcomsoft password recovery
Elcomsoft Phone Password Breaker - $100, for unlocking BlackBerry devices

Access Time turned off by default in Windows 7

If you want to have forensic information of access time for files, you need to turn off ntfsDisableLastAccessUpdate in the registry. See below.


Database found within Websense with SA and blank password

Last week I found a database running on port 8203 from the Websense server that was using SA with a blank password. We opened a ticket with Websense and they confirmed my findings with the current version. They have not issued a solution yet. It appears to be a test database, but for what? It was really funny how it was found, since it passed our quick vulnerability scan from neXpose. Now this is not an issue from neXpose, as I was using the default Full Audit profile as part of the final risk assessment. Shame on me for not scanning all ports since it

Why I use DuckDuckGo vs Google for my Search Engine

Google blatantly tells us in their new privacy statement that they will use our information to deliver their services. It is the model of we are the product of the product, but for some of these services it's not that we are making the product better, it is the fact that they are stealing our data which leads to our privacy to marketing companies for money. So there must be other alternatives and I am on a quest to find best of breed alternatives.

Useful Palo Alto CLI Commands

I promise more to come on this, just really busy at work these days.

Sharing my notes.

Google+ Article

So I believe this will be part 1. After I started unravelling all the features, it's about impossible to cover everything in one blog. So there will be a part 2 for this blog. I hope you enjoy part one.


Using rvm to run both versions of Ruby

First - install the latest version of git

$ sudo apt-get install git

Next run the following

$ bash < <(curl -s

Next go to the following user

Find Domain Controllers using NSLOOKUP

> set q=srv
Where is your domain.

Metasploit server/browser_autopwn is having issues

I am getting the following error after running the exploit on almost every client side link.

Exploit failed: uninitialized constant Msf::Encoder::Type::PrintfUtil


My versions are as listed