Showing 1 - 25 of 42

Files

UW-CSE-00-02-01.tgz
Posted Feb 11, 2000
Authored by Stefan Savage | Site cs.washington.edu

This paper describes a technique for tracing anonymous attacks in the Internet back to their source. This work is motivated by the increased frequency and sophistication of denial-of-service attacks and by the difficulty in tracing packets with incorrect, or "spoofed", source addresses. In this paper we describe a general purpose traceback mechanism based on probabilistic packet marking in the network. Our approach allows a victim to identify the network path(s) traversed by an attacker without requiring interactive operational support from Internet Service Providers (ISPs). Moreover, this traceback can be performed "post-mortem" -- after an attack has completed. We present one implementation of this technology that is incrementally deployable, (mostly) backwards compatible and can be efficiently implemented using conventional technology. In pdf and postscript format.

tags | denial of service, spoof
SHA-256 | bb7e781a8fbc104cfd9119ecf7c8caf54c5aab786c654c2d11dd9b87b1c48922

Related Files

UoW Pop2d Remote File Retrieval
Posted Aug 31, 2024
Authored by Jay Turla | Site metasploit.com

This Metasploit module exploits a vulnerability in the FOLD command of the University of Washington ipop2d service. By specifying an arbitrary folder name it is possible to retrieve any file which is world or group readable by the user ID of the POP account. This vulnerability can only be exploited with a valid username and password. The From address is the file owner.

tags | exploit, arbitrary
SHA-256 | 7540a17d98340b14edeee62ac93a3bf6146e98410f1e14f88e1b224d7393b12f
A Vulnerability In Implementations of SHA-3, SHAKE, EdDSA, And Other NIST-Approved Algorithms
Posted Mar 7, 2023
Authored by Nicky Mouha, Christopher Celi | Site eprint.iacr.org

This paper describes a vulnerability in several implementations of the Secure Hash Algorithm 3 (SHA-3) that have been released by its designers. The vulnerability has been present since the final-round update of Keccak was submitted to the National Institute of Standards and Technology (NIST) SHA-3 hash function competition in January 2011, and is present in the eXtended Keccak Code Package (XKCP) of the Keccak team. It affects all software projects that have integrated this code, such as the scripting languages Python and PHP Hypertext Preprocessor (PHP). The vulnerability is a buffer overflow that allows attacker-controlled values to be eXclusive-ORed (XORed) into memory (without any restrictions on values to be XORed and even far beyond the location of the original buffer), thereby making many standard protection measures against buffer overflows (e.g., canary values) completely ineffective.

tags | paper, overflow, cryptography, php, python
advisories | CVE-2022-37454
SHA-256 | e5ce94c802fc96b96a37593074295283819a7abf859a04a1c1cbfcdb566dcdb1
uWSGI Directory Traversal
Posted Mar 2, 2018
Authored by Marios Nicolaides

uWSGI versions prior to 2.0.17 suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2018-7490
SHA-256 | e81a441330bd530dd0585c2f6ab174487c8c91e27174f850328ee26d1e4db873
Stealing Windows Credentials Using Google Chrome
Posted May 18, 2017
Authored by Bosko Stankovic

This paper describes an attack which can lead to Windows credentials theft, affecting the default configuration of the most popular browser in the world today, Google Chrome, as well as all Windows versions supporting it.

tags | paper
systems | windows
SHA-256 | 88f2619b5a29a05dfc2991bd8091e6af81c3ee03407380cea432941cad18af7a
Bypassing McAfee's Application Whitelisting For Critical Infrastructure Systems
Posted Jan 12, 2016
Authored by Rene Freingruber | Site sec-consult.com

This paper describes the results of the research conducted by SEC Consult Vulnerability Lab on the security of McAfee Application Control. This product is an example of an application whitelisting solution which can be used to further harden critical systems such as server systems in SCADA environments or client systems with high security requirements like administrative workstations. Application whitelisting is a concept which works by whitelisting all installed software on a system and then preventing the execution of software that is not whitelisted. This should prevent the execution of malware and therefore protect against advanced persistent threat (APT) attacks. McAfee Application Control is an example of such software. It can be installed on any system; however, the main field of application is the protection of highly critical infrastructures. While the core feature of the product is application whitelisting, it also supports additional security features including write and read protection as well as different memory corruption protections.

tags | paper
SHA-256 | 447953aeb8d3c594011048fcd1518b83478ae1bf8164d0159859893f8caa6b18
Handling The Problems In Biometrics
Posted Jan 6, 2015
Authored by Varun Mamillapalli

This paper describes some of the common problems faced in biometrics and possible solutions to these problems.

tags | paper
SHA-256 | 1e2342519676a56045378295699ec80a758236ce205376eff99f6166e1ce8163
PE (Portable Executable) File Format
Posted Aug 12, 2013
Authored by Nytro

This paper describes the PE (Portable Executable) file format used by Windows executables (.exe), dynamic link libraries (.dll) and other files: system drivers or ActiveX controls. It is written in Romanian.

tags | paper, activex
systems | windows
SHA-256 | a2646c777b4db6e736b6d280dbe7880941e981053a622f50cc9a96c813f0425e
Call Of Duty: Modern Warfare 3 NULL Pointer Dereference
Posted Nov 14, 2012
Authored by Luigi Auriemma, Donato Ferrante | Site revuln.com

This paper describes a pre-auth server-side NULL pointer dereference vulnerability in Call Of Duty: Modern Warfare 3, which is due to an issue related to the DemonWare6 query packets. This vulnerability can be exploited to perform Denial of Service (DoS) attacks against game servers.

tags | advisory, denial of service
SHA-256 | 1db66d6df1c094eebc40c0809e56c80069be073ae8a823feafea42632a3104da
University Of Wisconsin - Madison Cross Site Scripting
Posted Sep 15, 2012
Authored by s4r4d0

The University of Wisconsin suffers from a cross site scripting vulnerability on commarts.wisc.edu.

tags | exploit, xss
SHA-256 | 3c9dbcba637bf78582ce1f17faef4824ab22c796a14ea0dec8e3fac15a409641
Transferable State Attack On Iterated Hashing Functions
Posted Jul 29, 2012
Authored by bwall

This paper describes an attack on the iterated use of hashing functions as key stretching algorithms, where the state of a hash can be transferred to the next hash function.

tags | paper
SHA-256 | 52f96766730e53dd9b718a0a0d0d999d36d38002c0a17023db1db12a5d4196c7
Indexed Blind SQL Injection
Posted Dec 3, 2011
Authored by gamma95

Whitepaper called Indexed Blind SQL Injection. Time based blind SQL attacks suffer from low bit/request ratios. Each request produces only one valuable bit of information. This paper describes a tweak that produces higher yield at the expense of a longer runtime. Along the way, some issues and notes of applicability are also discussed.

tags | paper, sql injection
SHA-256 | 84e74daa46ea6185f1c1f4ee9764bc2315f2a4cf39e46f8dfcea99039a5ecb21
Sophail: A Critical Analysis Of Sophos Antivirus
Posted Aug 4, 2011
Authored by Tavis Ormandy

This paper describes the results of a thorough examination of Sophos Antivirus internals. The author presents a technical analysis of claims made by the vendor, and publishes the tools and reference material required to reproduce their results. Furthermore, they examine the product from the perspective of a vulnerability researcher, exploring the rich attack surface exposed, and demonstrating weaknesses and vulnerabilities.

tags | paper, vulnerability, virus
SHA-256 | 57ecb0848e5b99ef5678dc00d7aabb2718195a8bb23f387f2d5ff429df854455
ProxBrute - Taking Proxcard Cloning To The Next Level
Posted Jan 20, 2011
Authored by Brad Antoniewicz

This paper describes the basic process of using the proxmark3 to clone Proxcards and then introduces ProxBrute, a new tool for brute forcing valid proxcard values.

tags | paper
SHA-256 | 2d0fd9f79fb7dbb051b1d0d095dea1dd28993622fb07d852518c7f7100181d3b
Uber Web Security Scanner 0.0.2
Posted Oct 29, 2009
Authored by noptrix | Site nullsecurity.net

uwss is a web security scanner used for testing for security holes in web applications. It can act as a fuzzer whose objective is to probe the application with various crafted attack strings. uwss is built upon a modular concept.

Changes: Various updates.
tags | tool, web, scanner, fuzzer
systems | unix
SHA-256 | f5889f915e9116c5d6e219bc6ac51f19112545db98937dc7898dbe14386f4937
Google Chrome 3.0 Beta Math.random Vulnerability
Posted Sep 2, 2009
Authored by Amit Klein | Site trusteer.com

The revised Google Chrome Math.random algorithm (included in version 3.0 of Google Chrome) is predictable. This paper describes how Google Chrome 3.0 Math.random's internal state can be reconstructed, and how it can be rolled forward and backward, and how (in Windows) the exact seeding time can be extracted.

tags | paper
systems | windows
SHA-256 | 7b9c83dd2e7273c2190b761a57b11ae0110031308ec5b9aabd23733fed32ae97
Cisco IOS Router Exploitation
Posted Jul 26, 2009
Authored by FX | Site recurity-labs.com

Whitepaper called Cisco IOS Router Exploitation. This paper describes the challenges with the exploitation of memory corruption software vulnerabilities in Cisco IOS. The goal is to map out the problem space in order to allow for the anticipation of developments in the future, as current research suggests that exploitation of such vulnerabilities in the wild is not currently the case. By understanding the challenges that an attacker faces, defensive strategies can be better planned, a required evolution with the current state of Cisco IOS router networks.

tags | paper, vulnerability
systems | cisco
SHA-256 | c8f425e5b59d8610a92403e4d24fbd0a74109b64e2b2600c739f8f66b44a6701
Uber Web Security Scanner
Posted Jul 22, 2009
Authored by noptrix | Site nullsecurity.net

uwss is a web security scanner used for testing for security holes in web applications. It can act as a fuzzer whose objective is to probe the application with various crafted attack strings. uwss is built upon a modular concept.

tags | tool, web, scanner, fuzzer
systems | unix
SHA-256 | 13057a6d9a4ce6617d07316cf3ac864b76984cb10985c54168293dbc49851d8a
Sniffing SAP GUI Passwords
Posted Jul 17, 2009
Authored by Andreas Baus, Rene Ledosquet

This paper describes a practical attack against the protocol used by SAP for client server communication. The purpose of this paper is to clarify the fact that the protocol does not sufficiently protect sensitive information like user names and passwords.

tags | paper, protocol
SHA-256 | f6435814e3afad6ebb4262a9c614cacd418277717cf925da94343a17ae06aa57
University of Washington IMAP Format String
Posted Feb 20, 2009
Authored by Faryad Rahmany | Site rahmany.net

University of Washington IMAP c-client remote format string exploit.

tags | exploit, remote, imap
SHA-256 | 93eb11e4dbaeefc8680706f86bafaf2e85fd7a33490442a5902f564abe43e571
D2T1_-_Petko_Petkov_-_For_My_Next_Trick_-_Client_Side_Hacking.zip
Posted Apr 21, 2008
Authored by Petko Petkov | Site conference.hitb.org

For My Next Trick: Client-Side Hacking - This paper describes numerous techniques for attacking client-side technologies. The content of the paper is based on the research that has been conducted over the past year by the GNUCITIZEN Ethical Hacker Outfit.

SHA-256 | 5114d549b8788fd32a3a932d6dc7a62491c96edcf00a8827b0992a195405db27
Detect Honeypots / Honeywalls Using Hping Whitepaper
Posted Apr 4, 2006
Authored by Amir Alsbih | Site informatik.uni-freiburg.de

This paper describes how to detect Honeypots / Honeywalls by using hping to send an ICMP packet containing shellcode and analyzing the response.

tags | paper, shellcode
SHA-256 | 9239f109f0a37a9b7bfba5c3af51feee113b633f86cd3cd17248aa31a91adb27
vm.pdf
Posted Mar 22, 2006
Authored by Val Smith | Site offensivecomputing.net

Detecting the Presence of Virtual Machines Using the Local Data Table - This paper describes a method for determining the presence of virtual machine emulation in a non-privileged operating environment. This attack is useful for triggering anti-virtualization attacks and evading analysis.

tags | paper, local
SHA-256 | 48ac374b43d646206bf8a59b9cc0aed6ac19a76791acaea176314b493393c68e
MSBugPaper.pdf
Posted Oct 25, 2005
Authored by Cesar | Site argeniss.com

Story of a dumb patch - This paper describes a mistake made by Microsoft in patch MS05-018, where Microsoft failed to properly fix a vulnerability and had to release a new patch, MS05-049. Hopefully this paper will open the eyes of software vendors so they do not repeat these kinds of mistakes.

tags | paper
SHA-256 | a79eb3b5aa2f5d80efad97626f1bd81b439fa096671c52ff737b3558b91a75e0
WritingSmallShellcode.pdf
Posted Sep 23, 2005
Authored by Dafydd Stuttard | Site ngssoftware.com

This paper describes an attempt to write Win32 shellcode that is as small as possible, to perform a common task subject to reasonable constraints. The solution presented implements a bindshell in 191 bytes of null-free code, and outlines some general ideas for writing small shellcode.

tags | paper, shellcode
systems | windows
SHA-256 | a4631261a3729136f9d6a5d804e1c7cdf1a8baf9350860bdca03b63296b139a2
022805.txt
Posted Mar 1, 2005
Authored by Amit Klein | Site webappsec.org

This paper describes several techniques for exposing file contents using the site search functionality. It is assumed that a site contains documents which are not visible/accessible to external users. Such documents are typically future PR items, or future security advisories, uploaded to the website beforehand. However, the site is also searchable via an internal search facility, which does have access to those documents, and as such, they are indexed by it not via web crawling, but rather, via direct access to the files. Therein lies the security breach.

tags | paper, web
SHA-256 | 95d07a72940beb4eb7d8ef7e8dce89e68ae8dd623e9569d62e531063c6e241f1
© 2024 Packet Storm. All rights reserved.
