Comments for Information Systems Auditing

Comment on Auditing Folder (and subfolder) Permissions using CACLS by Susan

Susan — Fri, 27 Jan 2012 21:46:43 +0000

Nice work. I have a little issue with the parsed results. The very first folder encountered is parse correctly, but when it gets to the next directory, it places the prior directory name in Column A, the new directory in Column B and the file permission in Column C. From there it is correct, withe current Directory in the A column and permissions in B column.

Is there a way to test the first argument on each pass? I am not any good at scripting or I would try to figure it out.

Thanks,

Susan

Comment on Project RF (Updated: 7.11.2011) by admin

admin — Mon, 12 Dec 2011 13:33:19 +0000

Ryan,

Still coding for the framework. I thought I had created the email account proj...@jedge.com but apparently I did not. Thanks for pointing that out. It has been corrected.

Comment on Project RF (Updated: 7.11.2011) by Need support

Need support — Sat, 10 Dec 2011 18:57:37 +0000

Are you still supporting this project? Several attempts to email you at projectRF email address have failed. If so, could you reach out to me at the email address provided?

Thanks!
Ryan

Comment on SQLNINJA: SQL Injection by admin

admin — Thu, 17 Nov 2011 18:09:41 +0000

ZaiR,

I guess the question is what is new in 0.2.6 that would need documenting in a tutorial? I will look into it but if you have something you are looking for let me know. Also I would need a target. Everything you see above was a live target during a penetration test where I documented everything I did with the specific purpose of creating a tutorial.

Comment on SQLNINJA: SQL Injection by ZaiR

ZaiR — Thu, 17 Nov 2011 17:46:36 +0000

I hope you update the tutorial on using sqlninja-0.2.6…

Comment on Windows Password Cache by admin

admin — Wed, 16 Nov 2011 14:04:07 +0000

An encrypted file system would not stop the methods described in this article. The tools described are against a system that is online.

Comment on Windows Password Cache by Daniele

Daniele — Wed, 16 Nov 2011 07:26:48 +0000

Good article! I think the only security is encripted file system.

Comment on Linux Penetration Testing Laptop Setup v4 (Ubuntu 11.4 Natty Narwhal) by admin

admin — Tue, 15 Nov 2011 15:02:29 +0000

Shawn,

Have you tried the configuration tutorial?

Comment on Linux Penetration Testing Laptop Setup v4 (Ubuntu 11.4 Natty Narwhal) by Shawn

Shawn — Tue, 15 Nov 2011 14:14:53 +0000

I am interested in using Ubuntu in my Pen Test setup

Comment on Compile John the Ripper w/ Jumbo Patch (Updated for 1.7.7 & 1.7.8) by admin

admin — Tue, 18 Oct 2011 12:43:30 +0000

Adil, the issue may have been resolved by now. I was getting the error compiling JtR 1.7.8 with openssl 1.0.0e on Ubuntu Natty Narwhal 11.4. I will look to update the tutorial with any new versions of JtR and openssl. For you there are a couple things I would try.

1. Go ahead and try to compile JtR. Worse thing that happens is you get the error above.
2. If you get the error just install openssl-dev from the repository. My instructions on installing openssl from source puts the files in /usr/local. I’m pretty sure your path environment variable will use the dev files from the repo first if you install from the Ubuntu repo.