Vulnerable | Attack Vector

Posts Tagged ‘vulnerable’

Vendor Response to Backdoor in Accton Switches Post

Posted: 10th September 2010 by Matt in news, security
Tags: Accton, Accton-based, attack, backdoor, fix, hack, hacked, lan, network, owned, password, passwords, risk, secure, security, SNMP, vlan, vulnerable, workaround

A few days ago I posted an article that was circulating regarding a backdoor in to Accton based switches. You can read that post here. Shortly after, a person by the name of “CK”, who apparently works for the vendor, responded with the company’s side of the story. I then issued my response, and CK [...]

An Open Letter to Microsoft

Posted: 8th September 2010 by Matt in news, security
Tags: Apache, Blaster, Boink, Bonk, code, Code Red, company, computer, Conficker, crash, denial of service, denial of service attack, exploits, Frag, IIS, ILOVEYOU, irc, Land, Linux, Microsoft, MyDoom, Nestea, NewTear, Nimda, Sandmind, Sasser, Sircam, Slammer, SoBig, Sping, spyware, SQL, TearDrop, vulnerability, vulnerable, Windows, WinNuke, worm

Dear Microsoft, I have watched you develop as a company, starting with Windows 3.1. It was most peoples first experience with a PC and considering that there was really no other marketed OS (Linux was brand new and not really totally “usable” yet. I ran it, but it was not for the faint of heart. [...]

DLLHijackAuditKit v2

Posted: 25th August 2010 by Matt in hacks, news, security
Tags: 0day, automated, dll, DLLHiJackAuditKit, exploit, hack, hd moore, hijack, metasploit, own, vulnerable, webdav, Windows

HD Moore (Metasploit) has just released an update to his original DLLHiJackAuditKit which further automates the process of discovering programs which are vulnerable to this attack. You can find his post here And here is the direct link to the zip file.

Windows ‘LNK’ Exploit Demonstration

Posted: 20th July 2010 by Matt in hacks, news, security, social engineering
Tags: automated, browser, Command, exploit, LNK, metasploit, Microsoft, msf, msfconsole, network security audit, payload, remote, shell, Stuxnet, Temphid, URIPATH, victim, VirusBlokAda, vulnerable, W32.Stuxnet, W32.Temphid, Windows, wireless

Ok, so with all the hype surrounding this vulnerability, I figured that I would do a write up and give an example of how it works. Metasploit, as usual, makes it really simple. I really consider this to be a social engineering attack, because you need the victim to access a share. Yes, in the [...]

Damn Vulnerable Linux (DVL)

Posted: 19th July 2010 by Matt in hacks, news, security
Tags: computer, damnvulnerablelinux, exploit, exploits, hack, Linux, security, vmware, vulnerable

All I have to say is.. awesome! This is a Linux distro that is intentionally made as vulnerable as possible. Why? Because it allows you to throw it on to some old computer (or run it as a vmware image!) and hack the living you know what out of it. You can test new tools, [...]

DefCon 18, anyone?

Posted: 14th June 2010 by Matt in code, hacks, security
Tags: conference, engineering, exploit, hacking, las, social, vegas, vulnerable

This is just a quick post.. are any of my readers attending DefCon this year? If so, let me know.. maybe we can hook up.

UPDATED: Linux Vulnerability: sctp_process_unk_param & Scapy

Posted: 18th May 2010 by Matt in code, hacks, security
Tags: advisory, crash, denial, denial of service, DoS, error, python, reboot, remote, scapy, SCTP, sctp_process_unk_param, service, vulnerability, vulnerable

I was going through my RSS updates and noticed this: http://www.securityfocus.com/bid/39794. Not good. Any time that there’s a remote DoS against a Linux box, it means bad things. I started digging, because I’m not terribly familiar with SCTP. First, I wanted to know more about the vulnerability itself. I found this: http://permalink.gmane.org/gmane.comp.security.oss.general/2859. Simply put, the [...]

Sponsored Links

Archives

Recent Posts

Blogroll

matt@attackvector.org