Crackers briefly hijacked hacking tools website Metasploit.com on Monday.
Metasploit is an advanced open-source exploit development platform used by most pen-testers. A tool we often mention here on Darknet.
On Monday the site was redirected to a page announcing the site was “hacked by sunwear ! just for fun“, as recorded by Sunbelt Software.
Unidentified miscreants used an ARP poisoning attack aimed at the network of Metasploit’s hosting provider in order to pull off the hack. The Metasploit project was quickly restored. H D Moore, the creator of the project, explained what happened in response to online reports of the hack.
“Another customer on the same ISP was compromised and used to ARP poison all servers in that subnet. I corrected the problem by setting a static ARP entry and notifying the ISP. To make it very clear – the metasploit.com servers were not compromised, nor have been to this date,” he said
So don’t worry, the Metasploit packages are safe as the server was NOT compromised it was a network level attack and a redirect rather than an actual intrusion.
Source: The Register
- Microsoft’s Anti-Malware Action Cripples Dynamic DNS Service No-IP
- OWASP NINJA-PingU – High Performance Large Scale Network Scanner
- Bro – Passive Open-Source Network Traffic Analyzer
- ARPwner – ARP & DNS Poisoning Attack Tool
- HD Moore’s Company BreakingPoint Suffers DNS Attack
- Learn to use Metasploit – Tutorials, Docs & Videos
Most Read in Network Hacking:
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,042,618 views
- Wep0ff – Wireless WEP Key Cracker Tool - 511,211 views
- THC-Hydra – The Fast and Flexible Network Login Hacking Tool - 312,038 views