Category: Software
-
Exploiting Apache Struts – CVE-2017-9805
CVE-2017-9805 is yet another very legitimate vulnerability in the Apache Struts framework. In the video, I demonstrate how easy it is to run a simple public python script against a vulnerable remote server, ultimately resulting in a reverse shell back to the attacker. In this post, I will cover all the steps shown in the…
Written by
-
Installing VMware vSphere ESXi 6.5
In this video I go over all of the basics of getting up and running with my favorite hypervisor, VMware vSphere ESXi 6.5. Here is a quick run down of everything covered: Where to install ESXi, hard drive or USB drive? Creating a bootable USB drive with the VMware ESXi ISO image and Rufus Booting…
Written by
-
What is VMware vSphere ESXi and vCenter?
In this video I give a quick break down of some of the key features and differences between VMware vSphere ESXi 6.5 and VMware vCenter 6.5. I also give a quick demonstration of what it looks like when both ESXi and the vCenter Server Appliance are fully booted and sitting at the console screen. Lastly,…
Written by
-
ELK 5 on Ubuntu: Pt. 2 – Installing and Configuring Elasticsearch, Logstash, Kibana & Nginx
In part one of this series, I went over the basics of installing and configuring Ubuntu 16.04. Now in this part, I am going to take that same VM and go over everything needed to create a functional ELK stack on a single server. By the end of this post the ELK stack will be…
Written by
-
ELK 5 on Ubuntu: Pt. 1 – Installing and Configuring Ubuntu 16.04
In this post I am going to cover the steps needed to install and configure Ubuntu 16.04 Desktop as the base operating system for what is going to become the ELK Stack server. My intention with this first post is to help people running the ELK services on top of Windows be a little more…
Written by
-
Dell C2100 BMC Password Reset via IPMITool
I recently acquired another Dell C2100 for my lab only to find out that the password on the BMC had been changed from the default root/root combo and I had no clue what the previous owner set it to. As it turns out, you cannot reset the credentials on the BMC via the BIOS or…
Written by
-
Metasploit Framework basics on Kali Linux – Owning a Windows Server
In this post I want to talk about the basics of using the Metasploit Framework that is included on the latest version of Kali Linux. If you don’t already know the Metasploit Framework is a project that makes writing and utilizing exploits relatively easy and it’s components are very modularized. Metasploit has everything you need…
Written by
-
ELK Stack Pt. 2: Collecting logs from remote servers via Beats
In one of my recent posts, Installing Elasticsearch, Logstash and Kibana (ELK) on Windows Server 2012 R2, I explained how to setup and install an ELK server but it was only collecting logs from itself. That in itself isn’t very useful as the real value is when you begin collecting and indexing all of the…
Written by
-
ELK Stack Pt. 1: Installing Elasticsearch, Logstash and Kibana (ELK) on Windows Server 2012 R2
An updated version of this post can be found here: Installing ELK 7 (Elasticsearch, Logstash and Kibana) โ Windows Server 2016 What is an ELK stack and why would you want one in your environment? Elasticsearch, Logstash and Kibana (ELK) is the combination of 3 separate pieces of software from the same vendor, Elastic. The…
Written by
-
Veeam Backup & Replication 8 fails when accessing ESXi 6 hosts directly – Failed to login Unknown API version format: “dev”
Veeam Backup & Replication is great tool for when you don’t have vCenter available for whatever reason and you need to move some VMs and/or datastores. It has bailed me out of many sticky situations in the past. However in my most recent bind, I found I absolutely could not get it to connect directly…
Written by
