what you don't know can hurt you
Showing 1 - 7 of 7 RSS Feed


Posted Dec 3, 2002
Authored by teso, Sebastian Krahmer | Site team-teso.net

Execution Path Timing Analysis of Unix Daemons - White paper on how to determine if a username is valid remotely by timing remote responses of login programs. OpenSSH diff against v2.99p2 which determines if a username exists even on the newest versions of OpenSSH included.

tags | remote
systems | unix
MD5 | 3652eb952d213483c1e22f10b941883d

Related Files

Fuzzgrind Automatic Fuzzing Tool
Posted Jul 8, 2009
Authored by Gabriel Campana | Site security-labs.org

Fuzzgrind is a fully automatic fuzzing tool, generating test files with the purpose of discovering new execution paths likely to trigger bugs and potentially vulnerabilities. It is based on the concept of symbolic execution. Thus, the tool starts from a file considered valid by the software under test, and analyses the execution path to extract any constraints tied to branch instructions followed by this software. By resolving constraints one by one, Fuzzgrind will alter the valid file to explore possible new branches of the software under test, in order to discover new vulnerabilities.

tags | vulnerability, fuzzer
MD5 | d7562677b43cb10b288830b22bf9c423
Posted Apr 29, 2006
Site symantec.com

Some components of Symantecs LiveUpdate for Macintosh do not set their execution path environment. A non-privileged user can change their execution path environment. If the user then executes one of these components, it will inherit the changed environment and use it to locate system commands. These components are configured to run with System Administrative privileges (SUID) and are vulnerable to a potential Trojan horse attack.

tags | advisory, trojan
MD5 | 1bffdabb2b2b733a2aa7f350cdcbd684
Posted Apr 26, 2006
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-06:14.fpu - FPU information disclosure: On affected processors, a local attacker can monitor the execution path of a process which uses floating-point operations. This may allow an attacker to steal cryptographic keys or other sensitive information.

tags | local, info disclosure
systems | freebsd
MD5 | d416397c0cde6ec1455f60ec239ed5c6
Posted Oct 26, 2004
Site security.lss.hr

ProFTPD 1.2.x suffers from a vulnerability that allow for remote user enumeration. It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis attack at the ProFTPD login procedure.

tags | advisory, remote, code execution
MD5 | 1aeaa1eb452e6441593f2ccfbff5242d
Posted Feb 16, 2004
Authored by Edgar Barbosa

Article discussing how to bypass the Execution Path Analysis used by the PatchFinder utility, avoiding Windows 2k/XP rootkit detection.

tags | paper
systems | windows, 2k
MD5 | 1b7c12d5a2c92ff9de2469db1560d07a
Posted Jul 24, 2002
Authored by phrack | Site phrack.org

Phrack Magazine Issue 59 Release Candidate 1 - In this issue: Handling the Interrupt Descriptor Table, Advances in kernel hacking II, Defeating Forensic Analysis on Unix, Advances in format string exploitation, Runtime process infection, Bypassing PaX ASLR protection, Execution path analysis: finding kernel rootkits, Cuts like a knife, SSHarp, Building ptrace injecting shellcodes, Linux/390 shellcode development, Writing linux kernel keyloggers, Cryptographic random number generators, Playing with windows /dev/(k)mem, Phrack World News, Loopback, and Linenoise.

tags | kernel, shellcode, magazine
systems | linux, windows, unix
MD5 | fa1d072634c3b9d837e4acb74b7041ab
Posted Apr 2, 2000

ExecTrace is a linux only debugging tool that logs to a file the execution path of a child process using ptrace. This is good when you have a program that continually segfaults and you want to know where and why.

systems | linux
MD5 | f6a5338e4cad46857cdb3725686c98cf
Page 1 of 1

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    1 Files
  • 27
    Sep 27th
    1 Files
  • 28
    Sep 28th
    20 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By