Managing more than one exploit at a time with Metasploit

If you use Metasploit, you may have needed to leave a running exploit in order to execute another one, or just to run a normal Linux command (remember that you can still execute Linux commands from the Metasploit msf> prompt). The following steps show how you can manage more than one exploit without stopping any of them.

Wireshark Filters

Wireshark is an application that allows you to capture network traffic. This is very useful when you need to troubleshoot problems or just to understand how a specific application works. In this post you will find some filters that may help you correctly interpret complete conversations or specific network packets.

What is Sender-ID?

Sender-ID, or Sender-ID Framework (SIDF), is an experimental protocol designed to allow any SMTP server to validate that the domain used in incoming mail is legitimately used and approved by the real owner of that domain. By using records similar to the ones used by SPF, an SMTP server may obtain detailed information about the servers that are authorized to use that domain name.

What is SPF?

As defined, the SMTP mail protocol explicitly allows any entity to identify itself with any domain in both the HELO/EHLO and MAIL commands. It also allows any entity to identify itself with any mailbox in the From header, as long as the syntax of RFC 2821 and 2822 is respected. This gives an attacker an opportunity to send mail pretending to be someone else, injecting thousands or even millions of unwanted messages into a normal mail flow. To minimize this risk and to make sure that the MTA sending the mail is actually authorized to use that domain, a new protocol was created called Sender Policy Framework (SPF), which is one of the many tools that exist to fight mail abuse.