So here's the commited metasploit module: ubisoft_uplay_cmd_exec.rb And the POC working in a video This is now fixed in version 2.0.4 (recently released and auto updates uplay)

There's such thing as great coders and also such thing as great developers, but rarely, if ever, the both together.

Shameful plug here guys.
I've compiled the sources earlier this morning into deb packages for those that want to play with it without building from source (building from source will confuse the system and you might not get updates). Both i386 and amd64 versions working on BT5 r2 here. http://www.phillips321.co.uk/2012/05/22/creating-a-debian-package-from-source-checkinstall/

Yeah but everyone buys the nice guy a pint in the bar afterwards! Lose the battle but win the war ;-)

I thought you were going somewhere else with this:
"maybe six hours of work if you really stretched things".....
....the rest was devoted to sleep!

Thankgod someone here understands the arty of wifi cracking.
But from the looks of things this guy is a douchbag, if he is dumb enough to get caught i also guess he was dumb enough to use a replay attack in order to gather enough IVs. I guess he was also dump enough to connect to the network with his hardware MAC address rather than a cloned address from the target network. I guess his hostname was also something dumb like "BarrysLaptop".

For those out there wishing to do this take precaution!

• Use bootable usb stick for all hacking (and quickly swallow if feds show up)
• When sniffing for WEP IVs or WPA handshake do so without inbjectng traffic
• Change mac address to one that target network is already using
• Change hostname to match targets machine
• If using backtrack then ensure HTTP get requests match that of the targets machine: if target use Internet explorer and all your requests come from Firefox on a linux host it's pretty obvious is was spoofed.
• ALL IN ALL DONT DO IT! If you have a problem with the neighbour just speak to him like a normal human being over a cold can of beer

Ummm, WEP requires enough IVs to crack, either through sniffing the network and capturing IVs (slowly) or by using a replay attack against the router in order to massively speed up the IV collection process.
WPA on the otherhand can be performed offline once the 4 way handshake as been captured.... (Which can be optained by waiting for a valid client to connect or by de-authing the clients and then capturing the handshake once they reconnect)

WAIT... before you do anything just think of the possibilities.....

If this is your boss then surely blackmail is the way forward! (unless he's a cool boss = congratulate him and join him next time)

meh, just noticed my bad spelling :-(

** You're = your

Your a tard! Mod parent down please!

MultiUSER is when you require more than one user
MultiTASK is when you wish to carry out more than one process.

And boom there it is, if you don't need it why is it running?
More cpu cycles consumed.
More memory consumed
If a remote code execution vulnerability is released for that version of telnet then wham....
.....these are the reason that you would not be considered a good admin!

Agreed!

I'm a pentester and the lead maintainer of a pentest Linux distro based on gnome: gnacktrack.co.uk........

Yet i also train in MMA daily and although what the Americans would term as a Rookie, i am yet to loose at the standard i'm fighting. I would say i'm both a geek and cool.

That was the first thing i thought...
....a glider type fixed wing with solar panels on the topside could use thermals and solar for none stop "droning"

You mean like something cool like Penetration Testers???

Go figure i just checked and this is already taken for something....

You forgot to mention that the dog taking a shit is an extra add-on........Flash!