Camouflage v1.2.1 is an incredibly weak steganography tool for Windows. It can use various image files and doc files as a carrier to hide arbitrary data inside of. It has been broken by a number of researchers, so you would be pretty stupid to use it. See here.
faccf08df223865d232691f8475db7b818246a228b6c4a312c75a7121086a632This is a Windows program that "unprotects" files which have been hidden using a steganography program called Camouflage. If the Camouflage'd file requires a password, the password is reset to nothing.
2a5520ed6c0e2c104c405fe6c4bdf3b330cb557d4abd1af0cb69794992420b74This is a Perl script that can search files to identify whether data has been hi dden using a weak steganography tool for Windows named Camouflage. If Camouflage has been used, it prints the approximate amount of hidden data, and says how many hidden files there are. If a password was used to "protect" the hidden data, the password is printed out. It has been tested against .doc carrier files, and tested against Camouflage v1.2.1. It also saves an unprotected version of the file with a different name.
1e41627ee891f89cb5aa1c4e441cd1ec6065587fedf8c8f504930887f92bb62aRemote buffer overflow exploit for ShixxNote 6.net, which, according to the producers site, is "a personal organizer, desktop sticky notes (post-it) program, instant messaging application (LAN messanger) and a communications tool used across a local network (Intranet), Internet and via email. Perfect and ideal tool for your LAN or office communication." The exploit works against Win2k only, it will crash other platforms.
30e61262aa45edc2db0dc1a04dbd2d7312cda620d648fff04a18128e0cabcd5cApplication Mapper is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!
8395480370f223d2e59616e6c597f1bc9ffa01b8482130fe61d0ee3d73e41bcaHITB (Hack In The Box) 2004 Presentation by Toh Swee Hoe: "Information Network Security Issues in the Communications and Multimedia Industry". The converging communications and multimedia industry and rapid technological changes pose new problems to network security. To address the challenges, this paper highlights several of the initiatives that the MCMC (Malaysian Communications and Multimedia Commission) are working on in addresing those concerns.
e90b799cc54a95ccc23176587b0de2874dbece9005aaa7b875715e9317970a16Files from HITB (Hack In The Box) 2004 Presentation by Theo de Raadt: "Exploit Mitigation Techniques". Description from HITB: OpenBSD has been auditing software for nearly 10 years, and while we have had significant success, it is clearly not enough. In the last 3 years a new view on preventing attacks has surfaced in the mindset of our group. A software exploit author starts by finding an interesting bug. Writing an exploit is easy because he can rely on a variety of system behaviours which are very deterministic. Many of these behaviours are not required for proper operation. Recently we have developed many new techiques which combine to thwart the attacker, without affecting regular software. We make the Unix process environment difficult to attack much like filling a house full of a variety of burglar traps.
0e09fb3b197c98b688478e8d2179abe5eb51bbcdf52ac7d0ccf750669eb1b90fHITB (Hack In The Box) 2004 Presentation by Teo Sze Siong: "Stealth Virus Design Thru Breeding Concept (Non Polymorphic)". Most polymorphic virus design it is not totally flawless because the virus researchers can extract out the important bytes containing the logic of the program and search for the logics signature when scanning for polymorphic viruses. The reason portion signature searching works is because some parts of the code in the virus cannot be modified in order to ensure it works correctly. In order to design a truly stealth virus, we can code a virus that stores a series of program logics in source code to reproduce itself. For example, using the Compiler Class in .NET Framework, we can design a virus to randomly produce another new virus that is totally different from itself. The Compiler Class in the .NET Framework runtime is capable of producing executables from source code without the SDK. Includes Proof of Concept (POC) code samples in C# .NET.
9edbbb2b968b914c8763e152ef7da10099a54fb25ec27a36e9d0fc1ee1b4b75dHITB (Hack In The Box) 2004 Presentation by Sukhdev Singh: "Protecting Your Business From Phishing Attacks".
60a8deae030b40762c1e90259763eb691585200bf22a485ad322a48aa47872eeHITB (Hack In The Box) 2004 Presentation by S.K. Chong: "Windows Local Kernel Exploitation". Discusses mechanisms to exploit the Windows Kernel for useful local privilege escalation. Unlike "Shatter Attack" which is usually only useful if an attacker has physical access of the computer, Kernel exploitation will escalate the attacker to the highest level of the kernel itself without any restrictions. The presentation will include usage of undocumented APIs, memory corruption in device drivers, kernel 'shellcode' as well as other relevant tricks to find and exploit the Windows kernel-land for a successful privilege escalation.
3b0a27ebf4e22e17709d7a4a775a2c4e5de69c307b42ade96b78fb71a7c52ac2HITB (Hack In The Box) 2004 Presentation by Shreeraj Shah: "Web Services - Attacks and Defense Strategies, Methods and Tools". The web service is the new security Lego Land. The main building blocks are UDDI, SOAP and WSDL. This presentation will briefly touch upon each of these aspects.
c547966dd6835cc87a35eed5fa96c90b60b0f10f95e16735648e931f53b14d5dHITB (Hack In The Box) 2004 Presentation by Roberto Preatoni and Fabio Ghioni: " Asymmetric Warfare and Interception Revealed". Discription from HITB: An indepth explanation of everything you've ever wanted to know about how to evade interception and how you get intercepted anyway. This presentation will cover a strategic (with a little technology) overview of a basic asymmetric warfare battleplans. Items that will be discussed include: 1) Types of interception implemented as of today and what will be implemented in the near future 2) Technology set up for National Security and Critical Infrastructure protection: Defensive and Offensive capabilities of the deployed Multi-Dimensional Asymmetric Warfare Array. 3) Examples of Governmental and Business implementations of the complete array or modules of the above 4) Potential impacts of such technology on both privacy and national security 5) Cyber attacks : an abstract built on Zone-H's experience
605b7168d15089625d01d2ab954732be978f534932ec03f631febffe4f06a79cHITB (Hack In The Box) 2004 Presentation by Jose Nazario: "Packet Mastering". Di scusses use of libdnet, libpcat, and libnids.
8d38113bfa7300a01fe011ff213091301a2138616d626fb16cd992e1362e2815HITB (Hack In The Box) 2004 Presentation by "The Grugq": "The Art of Defiling: D efeating Forensic Analysis on Unix File Systems". Discusses Unix file system str uctures, talks about forensic tools commonly used, and discusses means of hamper ing forensic investigations. New techniques are also presented. According to the HITB description of this talk, "Anti-forensics has cost the speaker one job. Th is material has never been presented in the North American continent because ant i-forensics scares the feds."
677dc11503060329a4d551c3af2ef24ae966c450e1582b3d9e596f9c6c07a3d8HITB (Hack In The Box) 2004 Presentation by Gareth Davies: "Advanced Information Gathering AKA Google Hacking". Covers Google for target recon. Discusses lesser known aspects of Google - tools such as Athena and Sitedigger and finding misco nfiguration by simply searching for it.
737e23daacff2f5ffd95b43f35d555d5fd519ffdcadf747e43b32f3befd63329HITB (Hack In The Box) 2004 Presentation by Fyodor Yarochkin and Meder Kydyralie v: "Security Tools Integration Framework (STIF)". A framework for designing and creating a unified environment for network security tools for realtime analysis and sharing via an inference engine.
585ce76e7e835c8cdcc9e80056cfc442422445d403f3e8fb8e05d1f7069e0bd7HITB (Hack In The Box) 2004 Presentation by Emmanuel Gadaix: "Phreaking in the 2 1st Century". Blueboxing and "old school" phreaking is basically dead in most of the world. However, is phreaking dead? This presentation discusses phreaking ag ainst signaling by compromising SS7 nodes and discusses mobile platforms like GP RS, SMS+MMS, etc.
052dc872d66303fc4716ab5a007369803363bb767903cf4f6d1540a1d40cdd11HITB (Hack In The Box) 2004 Presentation by Chew Keong Tan: "Defeating Kernel Na tive API Hookers". Win32 Kernel Rootkits modify the behaviour of the system by K ernel Native API hooking. This proposes a technique for defeating hooking rootki ts that hook native APIs by Service Table modification.
4e34f3e743c4a91f43e774a978ae69e5028d46aee7ff79996b5bac10d07ba6aeHITB (Hack In The Box) 2004 Presentation by John Draper (Captain Crunch): "Secur ity Threats from Spamming" (part 2). Discusses security issues related to the sp ybots and trojans typically used by spammers, when the same spybots and trojans are used by more malicious / underground hackers.
aca1096dc4fccf4d8973aaf976e380756aa0a2e7f2ebaa23730161e224a9e225HITB (Hack In The Box) 2004 Presentation by John Draper (Captain Crunch): "Security Threats from Spamming" (part 1). Discusses security issues related to the spybots and trojans typically used by spammers, when the same spybots and trojans are used by more malicious / underground hackers.
597e56afa74e0ff57f9965f2d81818ecfa112545bd023456275790457cc19a63HITB (Hack In The Box) 2004 Presentation by Adam Gowdiak: "Java 2 Micro Edition (J2ME) Security Vulnerabilities". Java 2 Micro Edition (J2ME) security in detail . This discusses mobile Java, KVM, CLDC and MIDP concepts, and a detailed descri ption of KVM security architecture, its operation, and differences from standard the standard JVM. Several security issues affecting most of J2ME are discussed.
70eefe83516ef85c7efae71c39e0278575aa4f3f3b9c7856b2a2391766245399
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed