exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed


Exploiting Game Engines For Fun and Profit
Posted May 19, 2013
Authored by Luigi Auriemma, Donato Ferrante | Site revuln.com

This presentation discusses what to look for and how to go about exploiting game engines.

tags | paper
SHA-256 | 19c17c8c8f9f909e61f6f1dc27550abd5f28f40ed4090d437df048b0efb363af

Related Files

MDSec Exploitation Notes On CVE-2014-0160
Posted May 1, 2014
Authored by Hacker Fantastic

This presentation is a set of slides that gives an overview of the Heartbleed vulnerability.

tags | paper
SHA-256 | 7278e4408858b07591a56dec3e0ae59d2bbaf5470e4ff7aa8258235334b9a0df
Fully Arbitrary 802.3 Packet Injection: Maximizing The Ethernet Attack Surface
Posted Aug 2, 2013
Authored by Andrea Barisani, Daniele Bianco | Site inversepath.com

It is generally assumed that sending and sniffing arbitrary, Fast Ethernet packets can be performed with standard Network Interface Cards (NIC) and generally available packet injection software. However, full control of frame values such as the Frame Check Sequence (FCS) or Start-of-Frame delimiter (SFD) has historically required the use of dedicated and costly hardware. This presentation, given at Blackhat 2013, dissects Fast Ethernet layer 1 and 2 presenting novel attack techniques supported by an affordable hardware setup that, using customized firmware, allows fully arbitrary frame injection. Proof of concept code also included.

tags | paper, arbitrary, proof of concept
systems | linux
SHA-256 | bb338be7787778fc49af36b5ed03c58f82629edba14f5a75966b83f8bf58fd3c
Hacking Hollywood Presentation Slides
Posted Nov 30, 2011
Authored by Nick Freeman | Site security-assessment.com

These are the slides from the Hacking Hollywood presentation given at Ruxcon 2011. It documents vulnerabilities that the researcher discovered in various pieces of software in use by large Hollywood studios. Be sure to check out the related files for this presentation as there are multiple proof of concept exploits and advisories.

tags | paper, vulnerability, proof of concept
SHA-256 | 011cfd9dd1552c8137cc5620c4e38a3b1986aa931e278523ef781e70dd75adf5
Clickjacking For Shells
Posted Sep 21, 2011
Authored by Andrew Horton | Site security-assessment.com

Whitepaper called Clickjacking for Shells. Two years after the world was warned about clickjacking, popular web apps are still vulnerable and no web app exploits have been published. With many security pros considering clickjacking to have mere nuisance value on social networks, the attack is grossly underestimated. In this presentation, the author demonstrates step by step how to identify vulnerable applications, how to write exploits that attack web apps and also how to protect against clickjacking.

tags | paper, web, shell
SHA-256 | b6184ace78ff59c01b98abf9251555c43de66e1e8499ccd4c6717f23c36d980f
Posted Apr 21, 2008
Authored by Walter Goulet, Benjamin Hagen | Site conference.hitb.org

Real World Attacks Against 3G Networks Using Subscriber Devices - Cellular networks, like any other data network, requires careful attention to network design such as proper segmentation of subscriber generated traffic from network management and signaling traffic. This presentation discusses an attack penetration method using only standard subscriber equipment to compromise an operator network.

SHA-256 | c2b5f9e80c71804ccb26604ad9550c6930b0b9297f7d33af74c0487029f4cf46
Posted Apr 21, 2008
Authored by Alessio L.R. Pennasilico | Site conference.hitb.org

VoIP (in)Security: Italians Do It Better - This presentation will explain in detail how a small group of annoyed Italian VoIP hackers used the Chaos Computer Club phone network during the 2007 Hacker camp for fun and profit.

SHA-256 | 518efe57180ba0d7c5e64792e43454b24d3d1634ef0768699047b17df11fd79b
Posted Apr 21, 2008
Authored by Rodrigo Rubira Branco | Site conference.hitb.org

Hacking The Cell Architecture - This presentation intends to cover security aspects related to a new architecture, widely deployed and used called Cell. The architecture itself will be deeply explained, focusing on the security concerns that appear in this kind of asymmetric multi-core systems. While Cell architecture is used in the new playstation 3 it is also used in big blade machines.

SHA-256 | 6652d0e5155144577fa230a1ebfc66f7778e0db6b263a9c2ec8f132977fb67e3
Posted Apr 21, 2008
Authored by Alexander Kornbrust | Site conference.hitb.org

Practical Oracle Forensics - Oracle forensics is a new discipline without special tools/scripts. Most presentations about Oracle forensics are still very basic. The typical approach in these presentations is to show what tools/(log)files are available to do forensics. In the real world with huge databases (many GB, sometimes TB) it is normally not helpful. This presentation is using a different approach. Based on the different type of attackers (leaving employee, nosy DBA/employee, external hacker etc.) we have different traces in Oracle and we show in different scenarios how to find evidence. We provide a free toolset to do a (basic) forensic analysis without having deep Oracle knowledge.

SHA-256 | 20612b361c886e97ff98ce3ea92f2c60e6d189c077a2b13341e46c3521bd8f78
Posted Apr 21, 2008
Authored by Cesar Cerrudo | Site conference.hitb.org

Token Kidnapping - This presentation is about a new technique for elevating privileges on Windows mostly from services, this technique exploits design weaknesses in Microsoft Windows XP, 2003, Vista and even Windows 2008. While in Windows Vista and 2008 many new security protections have been added, because of other weaknesses some of the new protection mechanisms are almost useless.

systems | windows
SHA-256 | 40e7a53ef53b12614b71cc8defc384e185161986510e109617ac0fd30faa1aaf
Posted Oct 11, 2005
Authored by Dave Aitel

Nematodes (Beneficial Worms) - This presentation presents concepts for taking expoitation frameworks into the next evolution: solving complex security problems by generating robustly controllable beneficial worms. The Why, How, and What of Nematode creation are discussed, along with some concepts in Mesh routing. Problems discussed include legal issues, controlling your worm, writing an intermediate language, the Nematode Intermediate Language (NIL) for writing robust worms, reliability problems, commications protocols, and future work.

tags | worm, protocol
SHA-256 | 446fdad6f1cbb3d6964e71c5e4b8c7eeb406f2582978a27b2314f9e084849e8d
Posted Oct 11, 2005
Authored by Jim Geovedi

Hotspot Security - This presentation covers the basic approach behind Wi-Fi hotspot security design and architecture. During the presentation, vulnerabilities and methods for exploiting Wi-Fi hotspots were shown.

tags | vulnerability
SHA-256 | 0a7dede863446f901b020b5e8cb5a16104df67c26c0d8e604dfe1df366228110
Posted Oct 11, 2005
Authored by Dr. Jose Nazario

Analysing All That Data - This presentation will introduce you to a number of techniques for making sense of large collections of data, including sorting and clustering techniques, fuzzy matching, and trend analysis. These techniques have applicability in numerous applications, such as mail filtering and network event analysis.

SHA-256 | 78f674bd1b1fa124c6336b7c2bbbb4422f9e8541e79202822c6a8a18f5329d3e
Posted Oct 11, 2005
Authored by Shreeraj Shah

Web Hacking Kung-Fu and Art of Defense - Web attacks are on the rise and new methods of hacking are evolving. This presentation covers the new methodologies for web application footprinting, discovery and information gathering with a new range of tools.

tags | web
SHA-256 | 4f5e29a13a9a3f08a42d17d1c4729596c7602ec6f82c8722ba9f630ca7c3ecff
Posted Oct 11, 2005
Authored by Fabrice Marie

Hacking Internet Banking Applications - This presentation highlights the solutions to some of the challenges the banks will face online to ensure that their data handling practices are compliant with their country's privacy regulations and banking regulations among others.

SHA-256 | facb6cdfb8969d787b7bc3da4d2632a5a0ded6a4605b14a9726466d683898afb
Posted Sep 26, 2005
Authored by Kenneth F. Belva | Site ftusecurity.com

This presentation was given by the keynote speaker at the FiTech Summit 2005. It is entitled "How It's Difficult to Ruin a Good Name: An Analysis of Reputational Risk".

tags | paper
SHA-256 | 3ab52b06315c51be5592e0eb263596d926684a34f932ce28649184d7e7e1d185
Posted Feb 6, 2005
Authored by Esteban Martinez Fayo | Site security-papers.globint.com.ar

This presentation explores new methods in exploiting SQL injection vulnerabilities inherent in Oracle Database. It contains a presentation with 37 slides and various exploits that demonstrate examples of flaws.

tags | paper, vulnerability, sql injection
SHA-256 | 40233cb1502c958361ff1184ec472b9a2194b8341030a7d5db67ad47bf88d951
Posted Oct 26, 2004
Authored by kamal hilmi othman | Site conference.hackinthebox.org

Honeypot and Internet Background Noise - Lesson Learned. HITB 04 presentation by Kamal Hilmi Othman. Recently, honeypots have been one of the hottest issues around network security discussions. This presentation discussed highlights of the honeypot - from its earliest incarnation to the current state of the technology. It also addresses some of the mechanisms that can be deployed in order to capture intruder activity. This also discusses other mechanisms that can be easily deployed without much risk - detecting "Internet Background Noise". The results of implementations were discussed.

SHA-256 | 2b95f386971778dfaef94a27131502b819f2c998bb0da751cfa7e935a1cbbe24
Posted Oct 23, 2004
Site conference.hackinthebox.org

HITB (Hack In The Box) 2004 Presentation by Shreeraj Shah: "Web Services - Attacks and Defense Strategies, Methods and Tools". The web service is the new security Lego Land. The main building blocks are UDDI, SOAP and WSDL. This presentation will briefly touch upon each of these aspects.

tags | web
SHA-256 | c547966dd6835cc87a35eed5fa96c90b60b0f10f95e16735648e931f53b14d5d
Posted Oct 23, 2004
Site conference.hackinthebox.org

HITB (Hack In The Box) 2004 Presentation by Roberto Preatoni and Fabio Ghioni: " Asymmetric Warfare and Interception Revealed". Discription from HITB: An indepth explanation of everything you've ever wanted to know about how to evade interception and how you get intercepted anyway. This presentation will cover a strategic (with a little technology) overview of a basic asymmetric warfare battleplans. Items that will be discussed include: 1) Types of interception implemented as of today and what will be implemented in the near future 2) Technology set up for National Security and Critical Infrastructure protection: Defensive and Offensive capabilities of the deployed Multi-Dimensional Asymmetric Warfare Array. 3) Examples of Governmental and Business implementations of the complete array or modules of the above 4) Potential impacts of such technology on both privacy and national security 5) Cyber attacks : an abstract built on Zone-H's experience

SHA-256 | 605b7168d15089625d01d2ab954732be978f534932ec03f631febffe4f06a79c
Posted Oct 23, 2004
Site conference.hackinthebox.org

HITB (Hack In The Box) 2004 Presentation by Emmanuel Gadaix: "Phreaking in the 2 1st Century". Blueboxing and "old school" phreaking is basically dead in most of the world. However, is phreaking dead? This presentation discusses phreaking ag ainst signaling by compromising SS7 nodes and discusses mobile platforms like GP RS, SMS+MMS, etc.

SHA-256 | 052dc872d66303fc4716ab5a007369803363bb767903cf4f6d1540a1d40cdd11
Posted Apr 23, 2004
Authored by Paul A. Watson | Site terrorist.net

Powerpoint presentation by Paul (Tony) Watson entitled Slipping in the Window: TCP Reset Attacks. This presentation was original given at CanSecWest 2004.

tags | paper, tcp, protocol
advisories | CVE-2004-0230
SHA-256 | 4f85642177fadaf502f5453c60487ed284954f6cd7b7bd287b3cc64afdcc4ec0
Page 1 of 1

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By