Intel NUC Super Server

Hi. I'm Rob... and I have a problem. Lets just say, when you find the limitations on Amazon's wishlist features for single items, you know you have a problem. My problem? I'm kinda addicted to Intel NUCs. They are so versitle, low-ish power consumption, and incredibly powerful and TINY. I carry 3 of these (the older / cheaper ones) around to run my trainings / classes from.

The follow is my current wishlist. It is an i7 NUC w/ 500GB of high speed M2 SSD, plus a 1TB SATA SSD, and 32 GB of RAM... ya, thats right 1.5 TB of SSD space, and 32 gigs of RAM!!

	Intel NUC Kit NUC5i7RYH Barebone System $459.99 by Intel Link: http://amzn.com/B00WAS1FX6
	Samsung 850 EVO 500 GB M.2 3.5-Inch SSD (MZ-N5E500BW) $194.99 by Samsung Link: http://amzn.com/B00TGIW1XG
	Samsung 850 EVO 1 TB 2.5-Inch SATA III Internal SSD (MZ-75E1T0B/AM) $346.99 by Samsung Link: http://amzn.com/B00OBRFFAS
	Crucial 1600 MT/s (PC3L-12800) CL11 SODIMM 204-Pin Memory CT204864BF160B $326.31 by Crucial Link: http://amzn.com/B011ISG132

Total Cost: 1328.28

I have gone back and forth between virtualization software (ESXi and Xen mostly)

Xen works out of the box but only has a decent interface in it's Windows GUI. OpenXenManager for Linux is ok. and Xen Orchestrator (Web UI) leaves a bit to be desired. If you're ok with keeping a Windows box around, Xen is the superior choice when it comes to feature sets. (Mainly clone and templating out of the gate and free)

If you do go the ESXi route follow steps here: https://www.virten.net/2015/03/esxi-6-0-image-for-intel-nuc/ because it doesn't work out of the box. I did create the ISO already, so if you want to use the one I made you can find it here: https://dl.dropboxusercontent.com/u/2627512/ESXi-6.0.0.update01-3073146-NUC.iso

You may run into the Manufacturer and Model being random strings (question marks in diamonds), but you can follow: http://www.virten.net/2015/02/how-to-install-esxi-on-5th-gen-intel-nuc-nic-and-ahci-workaround/

Again, I've already done these steps so you can download the pre-built BIOS rom here: https://dl.dropboxusercontent.com/u/2627512/RY0350-FIXED.bio - WARNING: I doubt the BIOS is universal so if you don't buy the NUC listed above, you probably want to just follow the steps yourself. Flashing a BIOS with the wrong ROM could brick the device.

Read More

Meterpreter show_mount

Meterpreter’s STDAPI extension (the one that always gets loaded) has a new command. This doesn’t happen very often so it’s worth noting.

The new command prints out the currently attached “mounts”. In windows world, that means the normal CD ROM, C drive, etc, but it also means all of the mounted network drives as well.

This gets very interesting when you happen to find yourself in a VM environment where you can start writing files to the host:

meterpreter > show_mount
Mounts / Drives
===============
Name Type       Size (Total) Size (Free) Mapped to
---- ----       ------------ ----------- ---------
A:\ removable      0.00 B      0.00 B
C:\ fixed         59.90 GiB   28.15 GiB
D:\ cdrom          0.00 B      0.00 B
Z:\ remote        64.78 GiB   18.09 GiB  \\vmware-host\Shared Folders\

I’ll leave the rest up to your imagination for now. But we will come back to this very soon. Huge thanks to @TheColonial - OJ for implementing this much needed option. Merged pull request is here: https://github.com/rapid7/metasploit-framework/pull/6146

Read More