exploit the possibilities
Showing 1 - 21 of 21 RSS Feed


Exploiting Game Engines For Fun and Profit
Posted May 19, 2013
Authored by Luigi Auriemma, Donato Ferrante | Site revuln.com

This presentation discusses what to look for and how to go about exploiting game engines.

tags | paper
MD5 | 2bedf09d0bf1238d5c2ae2a8ac8268bf

Related Files

MDSec Exploitation Notes On CVE-2014-0160
Posted May 1, 2014
Authored by Hacker Fantastic

This presentation is a set of slides that gives an overview of the Heartbleed vulnerability.

tags | paper
MD5 | 35092de9bad17f715d8d815c0544981e
Fully Arbitrary 802.3 Packet Injection: Maximizing The Ethernet Attack Surface
Posted Aug 2, 2013
Authored by Andrea Barisani, Daniele Bianco | Site inversepath.com

It is generally assumed that sending and sniffing arbitrary, Fast Ethernet packets can be performed with standard Network Interface Cards (NIC) and generally available packet injection software. However, full control of frame values such as the Frame Check Sequence (FCS) or Start-of-Frame delimiter (SFD) has historically required the use of dedicated and costly hardware. This presentation, given at Blackhat 2013, dissects Fast Ethernet layer 1 and 2 presenting novel attack techniques supported by an affordable hardware setup that, using customized firmware, allows fully arbitrary frame injection. Proof of concept code also included.

tags | paper, arbitrary, proof of concept
systems | linux
MD5 | 1dace7812895df9b7323841146cc1e00
Hacking Hollywood Presentation Slides
Posted Nov 30, 2011
Authored by Nick Freeman | Site security-assessment.com

These are the slides from the Hacking Hollywood presentation given at Ruxcon 2011. It documents vulnerabilities that the researcher discovered in various pieces of software in use by large Hollywood studios. Be sure to check out the related files for this presentation as there are multiple proof of concept exploits and advisories.

tags | paper, vulnerability, proof of concept
MD5 | 312ad3c5b5dbc495b7789bb12a1e8b75
Clickjacking For Shells
Posted Sep 21, 2011
Authored by Andrew Horton (urbanadventurer) | Site security-assessment.com

Whitepaper called Clickjacking for Shells. Two years after the world was warned about clickjacking, popular web apps are still vulnerable and no web app exploits have been published. With many security pros considering clickjacking to have mere nuisance value on social networks, the attack is grossly underestimated. In this presentation, the author demonstrates step by step how to identify vulnerable applications, how to write exploits that attack web apps and also how to protect against clickjacking.

tags | paper, web, shell
MD5 | 92e4924002079bb3c456c65201f796ab
Posted Apr 21, 2008
Authored by Walter Goulet, Benjamin Hagen | Site conference.hitb.org

Real World Attacks Against 3G Networks Using Subscriber Devices - Cellular networks, like any other data network, requires careful attention to network design such as proper segmentation of subscriber generated traffic from network management and signaling traffic. This presentation discusses an attack penetration method using only standard subscriber equipment to compromise an operator network.

MD5 | 0754f579735e10e3a81025c89d98d37a
Posted Apr 21, 2008
Authored by Alessio L.R. Pennasilico | Site conference.hitb.org

VoIP (in)Security: Italians Do It Better - This presentation will explain in detail how a small group of annoyed Italian VoIP hackers used the Chaos Computer Club phone network during the 2007 Hacker camp for fun and profit.

MD5 | 96f53db40ad65372bf9d175be7e5a7cb
Posted Apr 21, 2008
Authored by Rodrigo Rubira Branco | Site conference.hitb.org

Hacking The Cell Architecture - This presentation intends to cover security aspects related to a new architecture, widely deployed and used called Cell. The architecture itself will be deeply explained, focusing on the security concerns that appear in this kind of asymmetric multi-core systems. While Cell architecture is used in the new playstation 3 it is also used in big blade machines.

MD5 | 9e2563c5bf685236ca07288792d6e09a
Posted Apr 21, 2008
Authored by Alexander Kornbrust | Site conference.hitb.org

Practical Oracle Forensics - Oracle forensics is a new discipline without special tools/scripts. Most presentations about Oracle forensics are still very basic. The typical approach in these presentations is to show what tools/(log)files are available to do forensics. In the real world with huge databases (many GB, sometimes TB) it is normally not helpful. This presentation is using a different approach. Based on the different type of attackers (leaving employee, nosy DBA/employee, external hacker etc.) we have different traces in Oracle and we show in different scenarios how to find evidence. We provide a free toolset to do a (basic) forensic analysis without having deep Oracle knowledge.

MD5 | 129a331ab4dceca1f3a724bcc9488140
Posted Apr 21, 2008
Authored by Cesar Cerrudo | Site conference.hitb.org

Token Kidnapping - This presentation is about a new technique for elevating privileges on Windows mostly from services, this technique exploits design weaknesses in Microsoft Windows XP, 2003, Vista and even Windows 2008. While in Windows Vista and 2008 many new security protections have been added, because of other weaknesses some of the new protection mechanisms are almost useless.

systems | windows, xp, vista
MD5 | c6b3d60974ac3f57fd6280046e499b17
Posted Oct 11, 2005
Authored by Dave Aitel

Nematodes (Beneficial Worms) - This presentation presents concepts for taking expoitation frameworks into the next evolution: solving complex security problems by generating robustly controllable beneficial worms. The Why, How, and What of Nematode creation are discussed, along with some concepts in Mesh routing. Problems discussed include legal issues, controlling your worm, writing an intermediate language, the Nematode Intermediate Language (NIL) for writing robust worms, reliability problems, commications protocols, and future work.

tags | worm, protocol
MD5 | e42fc288392a06c2255e543ec15ac8e2
Posted Oct 11, 2005
Authored by Jim Geovedi

Hotspot Security - This presentation covers the basic approach behind Wi-Fi hotspot security design and architecture. During the presentation, vulnerabilities and methods for exploiting Wi-Fi hotspots were shown.

tags | vulnerability
MD5 | ce74e4cac2e465a1ab89c4389fd2dd31
Posted Oct 11, 2005
Authored by Dr. Jose Nazario

Analysing All That Data - This presentation will introduce you to a number of techniques for making sense of large collections of data, including sorting and clustering techniques, fuzzy matching, and trend analysis. These techniques have applicability in numerous applications, such as mail filtering and network event analysis.

MD5 | d0829aff0164819389729794a757c132
Posted Oct 11, 2005
Authored by Shreeraj Shah

Web Hacking Kung-Fu and Art of Defense - Web attacks are on the rise and new methods of hacking are evolving. This presentation covers the new methodologies for web application footprinting, discovery and information gathering with a new range of tools.

tags | web
MD5 | 17e8afa0c717088cac1ff757c5e00bb9
Posted Oct 11, 2005
Authored by Fabrice Marie

Hacking Internet Banking Applications - This presentation highlights the solutions to some of the challenges the banks will face online to ensure that their data handling practices are compliant with their country's privacy regulations and banking regulations among others.

MD5 | 12e6750c604b2b31ec66cfd52f458650
Posted Sep 26, 2005
Authored by Kenneth F. Belva | Site ftusecurity.com

This presentation was given by the keynote speaker at the FiTech Summit 2005. It is entitled "How It's Difficult to Ruin a Good Name: An Analysis of Reputational Risk".

tags | paper
MD5 | 5131f07bb7a4df687b2eb4106ce4c174
Posted Feb 6, 2005
Authored by Esteban Martinez Fayo | Site security-papers.globint.com.ar

This presentation explores new methods in exploiting SQL injection vulnerabilities inherent in Oracle Database. It contains a presentation with 37 slides and various exploits that demonstrate examples of flaws.

tags | paper, vulnerability, sql injection
MD5 | ca05f9b7e93a0d18ffbf0046f5a4908e
Posted Oct 26, 2004
Authored by kamal hilmi othman | Site conference.hackinthebox.org

Honeypot and Internet Background Noise - Lesson Learned. HITB 04 presentation by Kamal Hilmi Othman. Recently, honeypots have been one of the hottest issues around network security discussions. This presentation discussed highlights of the honeypot - from its earliest incarnation to the current state of the technology. It also addresses some of the mechanisms that can be deployed in order to capture intruder activity. This also discusses other mechanisms that can be easily deployed without much risk - detecting "Internet Background Noise". The results of implementations were discussed.

MD5 | e2fec23221cb514798e358e36971cbd2
Posted Oct 23, 2004
Site conference.hackinthebox.org

HITB (Hack In The Box) 2004 Presentation by Shreeraj Shah: "Web Services - Attacks and Defense Strategies, Methods and Tools". The web service is the new security Lego Land. The main building blocks are UDDI, SOAP and WSDL. This presentation will briefly touch upon each of these aspects.

tags | web
MD5 | f5527040ba419e69ce57ec9a0c98ce99
Posted Oct 23, 2004
Site conference.hackinthebox.org

HITB (Hack In The Box) 2004 Presentation by Roberto Preatoni and Fabio Ghioni: " Asymmetric Warfare and Interception Revealed". Discription from HITB: An indepth explanation of everything you've ever wanted to know about how to evade interception and how you get intercepted anyway. This presentation will cover a strategic (with a little technology) overview of a basic asymmetric warfare battleplans. Items that will be discussed include: 1) Types of interception implemented as of today and what will be implemented in the near future 2) Technology set up for National Security and Critical Infrastructure protection: Defensive and Offensive capabilities of the deployed Multi-Dimensional Asymmetric Warfare Array. 3) Examples of Governmental and Business implementations of the complete array or modules of the above 4) Potential impacts of such technology on both privacy and national security 5) Cyber attacks : an abstract built on Zone-H's experience

MD5 | fbaa10ece09dbb0fb8db3b5e3e9acdf9
Posted Oct 23, 2004
Site conference.hackinthebox.org

HITB (Hack In The Box) 2004 Presentation by Emmanuel Gadaix: "Phreaking in the 2 1st Century". Blueboxing and "old school" phreaking is basically dead in most of the world. However, is phreaking dead? This presentation discusses phreaking ag ainst signaling by compromising SS7 nodes and discusses mobile platforms like GP RS, SMS+MMS, etc.

MD5 | bc298b63199217aa757b55ffb064176b
Posted Apr 23, 2004
Authored by Paul A. Watson | Site terrorist.net

Powerpoint presentation by Paul (Tony) Watson entitled Slipping in the Window: TCP Reset Attacks. This presentation was original given at CanSecWest 2004.

tags | paper, tcp, protocol
advisories | CVE-2004-0230
MD5 | a1b0b84aa9945d244882a533e78ee295
Page 1 of 1

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    14 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    15 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2019 Packet Storm. All rights reserved.

Security Services
Hosting By