Tuesday, December 24, 2013

T'was The Scan Before Christmas

Twas the scan before Christmas, when all through the NOCs
Not an admin was patching, not even for SOX.
The cat5 was strung up in beautiful spindles,
As the hope it would stay that way quickly dwindles.

The servers were nestled all snug in their racks,
While disks hummed and lights flashed on jacks.
The sysadmin in his Tux shirt, and I in my cap,
Had just hyped up on coffee to stave off a nap.

When on the monitoring screen arose such a clatter,
I turned just slightly to see what was the matter.
Away to my command prompt I typed in a flash,
Right-click, open, come to me bash.

I panic, I sweat, the desk meets my head,
What piece of shit did they successfully embed.
When, what to my wondering eyes should appear,
But a dude with no pants on, it was perfectly clear.

With a high-gain antenna along for his quest,
I knew in a moment it was a pentest.
More rapid than fiber his fingers did fly,
A grumble he made, the jr. admin starts to cry.

Now APT! Now phish! Now, vuln and attack!
On HIV! On, encrypt! On, cyber and crack!
To Hell we must go! Turn up the dubstep!
To deal with the vendors, cope with inept!

As the time comes around to check mark the boxes,
To keep vendors happy, those damn sly foxes.
So on to the testing, start up the scan,
Let's punch some holes in that software tincan.

And then, in a twinkling, I heard in his voice,
Spearfishing will be my method of choice.
As I drew in my head, and was turning around,
His eyes said don't worry, just CTF down.

He now spent time waiting, biding his time,
For what he had set was a victimless crime.
A shell he had wanted, now shown on his screen,
His face had lit up like an excited pre-teen.

His eyes-how they twinkled! His neck-beard so hairy!
His legs were so placid, his name, maybe Gary?
His teeth were clenched in a victory smile,
As he exported his findings to an ascii text file.

The scope he was given, made him laugh just a bit,
POS systems are not something to omit.
But write his report he shall do with a grin,
Oh, your whole network, the places he's been!

Default creds, sa password, and local admin,
PCI data, HIPAA, and click to login.
Metasploit helped with a bit of SET magic,
The board's quote? "This is fucking tragic."

He said no worries, we're here to help you out,
This place will be cleaned, beyond any doubt.
To defcon, derbycon, shmoocon you'll go,
Oh, all the wonderful things you'll now know!

He left in a fluster, red team let's leave!
These admins need some good time to grieve.
But I heard him exclaim, 'ere he stomped out of sight,
Pwny Christmas to all, and to all a good fight!

(What happens when I work on Christmas Eve)

Thursday, December 5, 2013

Internal Social Engineering Documents

So I know it's not pretty, but I'll work on that later. I've added a second "Downloads" page linked to my Google Drive. These are documents that I've worked on for our internal Social Engineering and Training program. The program is still being developed, but I've stripped out all of our company headers and info so you can customize as you wish.