Default image

modpr0be

Posisi saya saat ini sebagai direktur dan pemilik PT Spentera, sebuah perusahaan yang fokus dalam bidang penetration test, incident response, intrusion analysis and forensic investigation. Saya juga berkontribusi untuk repositori eksploit Metasploit Framework sebagai pengembang kode eksploit. Saat ini memegang sertifikasi dari Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), ISO/IEC ISMS 27001: 2013 Lead Auditor/Auditor, GIAC Certified Intrusion Analyst (GCIA), dan Offensive Security Exploitation Expert (OSEE). Jika ingin menghubungi saya dapat melalui email bisnis di tom at spentera dot id atau pribadi di me at modpr0 dot be

Silent Backdoor with Weevely

Ever think to gain access to your backdoor undetected? Well, maybe not all web administrators examine their php files? Weevely is the answer. Just follow these actions (I was doing this on Backtrack 5): Where: -p = your password to…

Useful Addresses When Dealing with ROP

Saya nulis ini supaya ga lupa. Sebenarnya bisa dicari lagi sih alamat ini, cuma lebih enak klo udah ada disini tanpa nyari lagi khan?!. Sejumlah alamat yang dipake untuk tehnik ROP, sbb: VirtualAlloc() Secara sederhana, fungsi VirtualAlloc() akan mengalokasikan memory…

Metasploit Meterpreter Command Shell Upgrade

Seeing is believing 🙂 Good, command shell is on the background now, what if we want to change that existing command shell session into meterpreter session? re-exploit? Oops, you should forget about to re-exploit, Metasploit has a feature to upgrade…

Dump Windows System Info

When you were asked to collect all Windows system information such as list of users, services, software installed and its version, Windows update history, etc..probably you wanted to see these tools: System Information Collector WinUpdatesList v1.31 WinAudit Freeware v2.28.2 SAM/Password…