Questions? Call 877-752-7170 or contact@fyrmassociates.com

ShmooCon

GuestStealer Wrapup

In addition to the previously mentioned Nmap script, GuestStealer has now made its way into a [Nessus plugin] (http://www.nessus.org/plugins/index.php?view=single&id=44646) and a Metasploit module. Nessus Plugin 44646 was released by Tenable a few weeks ago and the Metasploit module was pushed up to the trunk last week. GuestStealer has been mentioned in several articles and blog posts recently, including [DarkReading – Tech Insight: Securing The Virtualized Server Environment] (https://www.darkreading.com/tech-insight-securing-the-virtualized-server-environment/d/d-id/1132946) and The Hacker News Network.

Continue reading

ShmooCon 2010 Stealing Guests… Slides Online

Luckily I was able to escape Washington DC’s 3rd round of snow to enjoy the tropical 40 degree weather here in Tampa today and write this post. Despite the blizzard and its many names, the ShmooCon faithful came out in full force to make another great conference. As usual, ShmooCon featured interesting presentations, shenanigans, and a chance to hang out with those friends you usually only see at Cons. I want to thank everyone who attended the Stealing Guests…The VMware Way talk, especially since no one threw shmooballs at us.

Continue reading

GuestStealer 1.1 and PaulDotCom Webcast

Justin and I will be on the [Security Weekly] (https://wiki.securityweekly.com/Episode187) podcast tonight to discuss the latest developments with GuestStealer and the Smart Grid book. For more information, check out tonight’s episode guide and join the live discussion tonight. Also, GuestStealer v1.1 is now available for download. This is a bug fix release that improves the error handling and prevention of downloading the same vmdk file twice (when that vmdk self-references itself).

Continue reading