what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

SciTools Understand 2.6 DLL Loading Code Execution
Posted Feb 8, 2012
Authored by LiquidWorm | Site zeroscience.mk

A vulnerability in SciTools Understand version 2.6 is caused due to the application loading libraries (wintab32.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening an Understand Project file (.UDB) located on a remote WebDAV or SMB share.

tags | exploit, remote, arbitrary
MD5 | 6182abddc28207b59c1c2e2c05212e36

Related Files

Alphanumeric Shellcode
Posted Jun 12, 2012
Authored by hatter of BHA | Site blackhatacademy.org

Alphanumeric shellcode is similar to ascii shellcode in that it is used to bypass character filters and evade intrusion-detection during buffer overflow exploitation. This article documents alphanumeric code on multiple architectures, but primarily the 64 bit x86 architecture. Alphanumeric shellcode requires a basic understanding of bitwise math, assembly and shellcode.

tags | paper, overflow, x86, shellcode
MD5 | 173b9826b754e13f6f9f58c6e4cc4501
Breaking The Crypt
Posted May 31, 2012
Authored by Sudeep Singh

The purpose of this paper is to make the reader aware of various Hash Cracking Techniques ranging from Basic to Advanced. The intended audience for this paper is those who have a basic understanding of hash cracking and password hashing algorithms.

tags | paper
MD5 | 2192f73ecd17ee8861213770aec2add6
Secunia Security Advisory 47921
Posted Feb 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Zero Science Lab has reported a vulnerability in SciTools Understand, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 2b4592f80208d731b182e4ad51407eb5
Malware Reverse Engineering Part 1 - Static Analysis
Posted Jan 18, 2012
Authored by Rick Flores

This malware report is part 1 of 2. This report is an effort to track, categorize, contain, understand root cause and infection vector of said user account/s, networked equipment or computer/s. This report pertains to all incidents reported by TIER II help desk, TIER III engineers, customer complaints or random IT Security audit/finding/pen test.

tags | paper, root, virus
MD5 | 69bc5bbf5b19339b58ee550bfdd3e451
Hardware Involved Software Attacks
Posted Dec 25, 2011
Authored by Jeff Forristal

Whitepaper called Hardware Involved Software Attacks. Computer security vulnerabilities involving hardware are under-represented within the security industry. With a growing number of attackers, malware, and researchers moving beyond pure software attack scenarios and into scenarios incorporating a hardware element, it is important to start laying a foundation on how to understand, characterize, and defend against these types of hybrid attacks. This paper introduces and details a starting taxonomy of security attacks called hardware involved software attacks, in an effort to further security community awareness of hardware security and its role in upholding the security of the PC platform.

tags | paper, vulnerability
MD5 | 71ecd2fe1142751766ab25085720c584
Dissecting Andro Malware
Posted Sep 8, 2011
Authored by Vadodil Joel Varghese

This white paper aims to understand the operation of an Android malware named "*DroidKungFu 2 - A*" and investigate the parameters, code and structure which is created or modified by this malware. It also highlights the mitigation steps which requires the user and the developer to be proactive.

tags | paper
MD5 | b59041d10719abf989db0f93d68a1726
Digging Inside VxWorks OS And Firmware - Holistic Security
Posted Jul 18, 2011
Authored by Aditya K Sood | Site secniche.org

Whitepaper called Digging Inside VxWorks OS and Firmware - Holistic Security. VxWorks is one of the most widely accepted embedded OSes. In this paper, they have conducted a detailed study of the VxWorks OS security model and firmware in order to understand the potential impact of security vulnerabilities and weaknesses.

tags | paper, vulnerability
MD5 | 2fe7af017754aecc2f68198a7bb61a86
From Unexpected To Understanding The System
Posted Jul 17, 2011
Authored by Meylira Kagaya Eisenberg

Whitepaper called From Unexpected Restart To Understand The System. Written in Indonesian.

tags | paper
MD5 | 4b71c70283df1a29a63f944db56cec89
Understanding Basic Vuln C0de For RCE
Posted May 30, 2011
Authored by eidelweiss

Whitepaper called Understanding Basic Vuln c0de for RCE (Remote Command Execution).

tags | paper, remote
MD5 | 09e326e5f36bd2ffc22ae9a39c4ef33e
Understanding The Heap By Breaking It
Posted May 6, 2011
Authored by Justin N. Ferguson

Whitepaper called Understanding the heap by breaking it. A case study of the heap as a persistent data structure through non-traditional exploitation techniques.

tags | paper
MD5 | b377f5b8143510f6dae95608e5b28fc3
Cisco Security Response 20110505-ios
Posted May 5, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Response - Cisco PSIRT is actively working with NCNIPC (China) to further understand the details of what is reported in the bugtraq postings. At this stage Cisco PSIRT cannot confirm the existence of any new vulnerabilities in Cisco IOS Software based on the information that is currently available.

tags | advisory, vulnerability
systems | cisco
MD5 | 8b5f387cd56f8a9c47fc41125a608286
Understanding The ARM Architecture
Posted Mar 10, 2011
Authored by f0nt_Drk

Whitepaper called Understanding the ARM Architecture. Written in Portuguese.

tags | paper
MD5 | c82e859ecbcdf2016a6f46cce2e3fb10
Cisco IOS Router Exploitation
Posted Jul 26, 2009
Authored by FX | Site recurity-labs.com

Whitepaper called Cisco IOS Router Exploitation. This paper describes the challenges with the exploitation of memory corruption software vulnerabilities in Cisco IOS. The goal is to map out the problem space in order to allow for the anticipation of developments in the future, as current research suggests that exploitation of such vulnerabilities in the wild is not currently the case. By understanding the challenges that an attacker faces, defensive strategies can be better planned, a required evolution with the current state of Cisco IOS router networks.

tags | paper, vulnerability
systems | cisco
MD5 | e3af39385998611d3c8c240c4d54b972
Understanding SQL Injection
Posted May 27, 2009
Authored by k4m1k451

Whitepaper called Understanding SQL Injection. Written in Portuguese.

tags | paper, sql injection
MD5 | 9a48f599510d430bf04f7b2827cfd6a0
wasc_wass_2007.pdf
Posted Sep 8, 2008
Site webappsec.org

The Web Application Security Consortium (WASC) is pleased to announce the WASC Web Application Security Statistics Project 2007. This initiative is a collaborative industry wide effort to pool together sanitized website vulnerability data and to gain a better understanding about the web application vulnerability landscape. The overall statistics includes analysis results of 32,717 sites and 69,476 vulnerabilities of different degrees of severity.

tags | paper, web, vulnerability
MD5 | 86567ab3f61b08ab7690e05b87500656
firehol-1.273.tar.bz2
Posted Jul 31, 2008
Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: See changelog.
tags | tool, spoof, firewall
systems | linux
MD5 | cbbe1ba21cf44955827d5c906a55aa21
browser_insecurity_iceberg_2008.pdf
Posted Jul 1, 2008
Authored by Gunter Ollmann, Stefan Frei, Thomas Duebendorfer, Martin May

Understanding the Web browser threat: Examination of vulnerable online Web browser populations and the "insecurity iceberg".

tags | paper, web
MD5 | af684f84277d52eb31988b9ac44515b2
Reverse.Engineering.AntiCracking.Techniques.pdf
Posted Jun 26, 2008
Authored by Glafkos Charalambous, George Nicolaou | Site astalavista.com

This paper was written to give a better understanding of the various approaches taken in reverse engineering. It also provides insight into proper software design to protect sensitive data, etc.

tags | paper
MD5 | b40d518a0f6862e155625d7d982d2836
d3vscan-alpha8.bz2
Posted Apr 4, 2008
Authored by devtar | Site d3vscan.sourceforge.net

d3vscan is a network manager that is able to uniquely identify and graphically plot network and bluetooth devices to provide a higher degree of understanding of a particular network. It is also simple enough to be used by an average end user.

Changes: Windows installer added. Vulnerability scanner plugin released. Several bug fixes.
tags | tool, wireless
MD5 | 0a9312d18748a2db3f19b727cab30ddd
d3vscan-alpha7.tar
Posted Mar 12, 2008
Authored by devtar | Site d3vscan.sourceforge.net

d3vscan is a network manager that is able to uniquely identify and graphically plot network and bluetooth devices to provide a higher degree of understanding of a particular network. It is also simple enough to be used by an average end user.

Changes: Project functionality objectives reached.
tags | tool, wireless
MD5 | 832f64726a9c28e1d76878dc5950c57b
alpha6.tar.gz
Posted Feb 26, 2008
Authored by devtar | Site d3vscan.sourceforge.net

d3vscan is a network manager that is able to uniquely identify and graphically plot network and bluetooth devices to provide a higher degree of understanding of a particular network. It is also simple enough to be used by an average end user.

tags | tool, wireless
MD5 | 133e65f86cced67f87cab1f81574f76b
Cisco_IOS_Exploitation_Techniques.pdf
Posted Jun 28, 2007
Authored by Gyan Chawdhary | Site irmplc.com

It has been more than a year since Michael Lynn first demonstrated a reliable code execution exploit on Cisco IOS at Black Hat 2005. Although his presentation received a lot of media coverage in the security community, very little is known about the attack and the technical details surrounding the IOS check_heaps() vulnerability. This paper is a result of research carried out by IRM to analyze and understand the check_heaps() attack and its impact on similar embedded devices.

tags | paper, code execution
systems | cisco
MD5 | de1e5098e579eb286a1dbc30729d80a5
firehol-1.256.tar.bz2
Posted May 23, 2007
Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: See changelog.
tags | tool, spoof, firewall
systems | linux
MD5 | ebf11d2cd9336316c054cb57d1fa7b4e
firehol-1.255.tar.bz2
Posted May 22, 2007
Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: See changelog.
tags | tool, spoof, firewall
systems | linux
MD5 | 80dfda807bcffadb49f5363a07369b42
dotnet-bypass.txt
Posted Apr 7, 2007
Authored by Adrian Pastor, Richard Brain, Jan Fry | Site procheckup.com

By understanding how ASP .NET malicious request filtering functions, ProCheckUp has found that it is possible to bypass ASP .NET request filtering and perform cross site scripting and HTML injection attacks.

tags | exploit, xss, asp, bypass
MD5 | 97e745c033ec1da194ffc67d0bfca3af
Page 1 of 4
Back1234Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    14 Files
  • 23
    Oct 23rd
    3 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    33 Files
  • 26
    Oct 26th
    27 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close