So much to do.

Going to write up a bit of a “todo” list here of all the things I need to work on.

  1. Nessus IVIL wrapper for Seccubus V2 – I had a wonderful talk with Frank from seccubus a couple of weeks back and we came up with the idea of “IVIL” which is basically a common XML format to report findings in from just about any tool.  I’m going to write an example IVIL aware wrapper for Nessus that will let you create scans, download reports and output in IVIL format to be loaded into seccubus V2.  Ideally anyone could write a wrapper for any tool and convert the tool’s output to IVIL to be loaded into seccubus for reporting.
  2. Bug fixes for the Nessus plugin.  I need to diff out all the new things in the code that are not currently in metasploit and submit that.  Also work on a couple of tweaks and new features people have suggested.
  3. Watch some more ruby videos and read some more of my ruby book.
  4. Fix up my dev environment.  I am trying to swap over to using Netbeans as my IDE and SVN over SSH to connect to remote servers to test.  Carlos Perez has been great in showing me how this works.  Probably look at moving my dev to a vm on my laptop to repurpose the current hardware as an Astaro box.
  5. Look into using meterpreter more and learning about meterpreter scripting in order to use meterpreter as an OVAL interpreter.
  6. Work more on learning nasl.  Also looking to create a nasl script to do OVAL scanning of remote hosts directly with nessus.  Lots to do here and nasl is a bit clunky after working with ruby.  Fun times though.
  7. Keep working on my highly threaded http scanning engine.  Basically want something that is fast and scalable for finding http(s) servers on any port.  If one exists now that grabs all kinds of info on what the server/service is, love to see it.  Emphasis on the fast and scalable, talking scanning thousands of hosts and all ports.

That’s all that springs to mind right now.  Still getting over being sick and the whole family being sick after returning from Hack3rcon.

Speaking of Hack3rcon, I had a blast.  I’ll sign off here by embedding my talk on Nessus/MSF Integration.  My first ever talk and I learnt a great deal about presenting with live demos.  Rest of the talks are available on

Presenting the Nessus Bridge at #Hack3rcon this weekend.

This weekend (Oct 23rd and 24th) I will be in Charleston WV presenting/demoing the Nessus Bridge for Metasploit at Hack3rcon.  This will be the first time I’ll have presented anything outside of work and should be lots of fun.  Quite a few great speakers that I look forward to meeting.

I’ll post the presentation up here once it’s done for everyone else to take a look at.  Actually going to be presenting a few new commands that are not in the metasploit svn version of the plugin.

After Hack3rcon I’ll be back into high gear adding some new functionality to the plugin and branching out into writing a wrapper for Nessus to speak IVIL for Seccubus v2.  This is pretty exciting stuff for me.  Coming up with an XML format to speak “findings” that is tool agnostic is going to be a great thing.  It will mean moving findings between tools, or comparing findings between tools, will be much much easier.  Keep a look out for that one.

There has been some talk on the metasploit mailing list this week about using tools such as Nessus to scan through a MSF pivot and into another network.  Some interesting discussion and I think it’s something I will dive into in these next few weeks.  Start to examine what some of the limitations are and how we might overcome or avoid them.

That’s it for now.  Have a good weekend.

Google Wave, so far it’s the answer to a question no one asked.

I want to like it.  I like tons of other Google services.  I’m a Google Fan Boy, but I just don’t get Wave.

It reminds me of online multiplayer games.  It sucks to use alone.  I invited some friends, we got on it.. and it’s a chat client?  Well at least that’s how we used it, it was a rather kludgy chat client.  Google Chat group chat is better, using communicator at work is better.

I don’t see how to email to it, how to connect it to my gmail.

I’m just a bit stumped on what it is good for.  It’s fancy, it’s sexy, but it’s confusing.

Edit:  I found out at least some stuff to do with it.  Type in “with:public” in the search box, ok now stuff starts to make more sense.

I am intrigued by the seemingly total lack of security though.  So is this guy, and he has great points.

On thin ice.

We desperately need a server upgrade.  We currently have 2 dedicated boxes, and it’s certainly starting to show its age.  Major problem is space.  I need more space to be able to upgrade TR and TF.

So I am putting the pressure on Aharon to buy us something new.  Looking at this —

It’s what a site I frequent quite often ( uses, and they have many times our current users, so if it works for them, should work for us.

We can get a nicely configured quadcore i970 box, 12gb ram, 2x500gb drives, for about $300 a month.  Only caveat is bandwidth, it comes with 2.5TB.  Not sure how much we are currently using.  I should look that up.

Biggest issue with that is backups.  The drives are not mirrored (ouch!).  So what happens if we have a disk failure?

Sometimes the names of concepts or objects I am describing don’t make it from the abstract in my head, to being thrust upon the world through my most awesome linguistics.  Somewhere along the way my own personal mod_rewrite substitutes them all with “things” and “stuff”.  I know 110% what I am referring to, alas my family, colleagues and friends often do not.

Perhaps I can slow it down a little and get the correct words to describe the correct concepts out here.  I tend to think a lot, and none of it is about what I might be doing right now, so perhaps some of the less complicated abstracts can be written up here.

No set topics, no set agenda, just a collection of things and stuff.

Chances are I’ll forget I set this up in a week anyhow.

I work in security.

