Twenty Year Anniversary
Showing 1 - 25 of 330 RSS Feed

Files

Smashing Smart Contracts
Posted Apr 13, 2018
Authored by Bernhard Mueller

This pop-scientific conference paper introduces Mythril, a security analysis tool for Ethereum smart contracts, and its symbolic execution backend LASER-Ethereum. The first part of the paper explains symbolic execution of Ethereum bytecode in a largely formal manner. The second part showcases the vulnerability detection modules already implemented in Mythril. The modules use a pragmatic mix of static analysis, symbolic analysis and control flow checking.

tags | paper
MD5 | 689b059f5f52ffa4211e9e02e8310af5
Web Application Penetration Testing
Posted Mar 20, 2018
Authored by Manh Pham Tien

This is a whitepaper that goes over methodologies for web application penetration testing. It is very thorough with examples and overviews.

tags | paper, web
MD5 | dc7320a4b2fa3f14e7eb81e598507f31
Meltdown - Bypassing Intel's Hardware Barrier
Posted Jan 4, 2018
Authored by Yuval Yarom, Michael Schwarz, Mike Hamburg, Moritz Lipp, Paul Kocher, Werner Haas, Thomas Prescher, Stefan Mangard, Daniel Gruss, Daniel Genkin

Whitepaper called Meltdown. It discusses how you can bypass Intel's hardware barrier between applications and the computer's core memory.

tags | paper
MD5 | 7e062aa9d394c19c6c994fa36a6196e6
Spectre Attacks: Exploiting Speculative Execution
Posted Jan 4, 2018
Authored by Yuval Yarom, Michael Schwarz, Mike Hamburg, Moritz Lipp, Paul Kocher, Werner Haas, Thomas Prescher, Stefan Mangard, Daniel Gruss, Daniel Genkin

Whitepaper called Spectre Attacks: Exploiting Speculative Execution. It discusses how to trick error-free applications into giving up secret information.

tags | paper
advisories | CVE-2017-5715, CVE-2017-5753
MD5 | 6967810094670a0978da20db86fbfadc
New Methods Of Payload Delivery - MSFVenom
Posted Jun 9, 2017
Authored by Zed Hamad

Short whitepaper called New Methods of Payload Delivery - MSFVenom.

tags | paper
MD5 | 9dec8285aef4b1f15a2800a8e8f209b5
EternalBlue Exploit Analysis And Port To Microsoft Windows 10
Posted Jun 7, 2017
Authored by Sean Dillon, Dylan Davis

On April 14, 2017, the Shadow Brokers Group released the FUZZBUNCH framework, an exploitation toolkit for Microsoft Windows. The toolkit was allegedly written by the Equation Group, a highly sophisticated threat actor suspected of being tied to the United States National Security Agency (NSA). The framework included ETERNALBLUE, a remote kernel exploit originally targeting the Server Message Block (SMB) service on Microsoft Windows XP (Server 2003) and Microsoft Windows 7 (Server 2008 R2). In this paper, the RiskSense Cyber Security Research team analyzes how using wrong-sized CPU registers leads to a seemingly innocuous mathematical miscalculation. This causes a chain reaction domino effect ultimately culminating in code execution, making ETERNALBLUE one of the most complex exploits ever written. They will discuss what was necessary to port the exploit to Microsoft Windows 10, and future mitigations Microsoft has already deployed, which can prevent vulnerabilities of this class from being exploited in the future. The FUZZBUNCH version of the exploit contains an Address Space Layout Randomization (ASLR) bypass, and the Microsoft Windows 10 version required an additional Data Execution Prevention (DEP) bypass not needed in the original exploit.

tags | paper, remote, kernel, vulnerability, code execution
systems | windows, xp, 7
MD5 | 0e04e472a5f9e98389f5f1e13ec2bf50
How FlexiSpy Was Hacked
Posted Apr 26, 2017
Authored by fleximinx

A write up by the hacker who hacked FlexiSpy.

tags | paper
MD5 | 749511fa1b92d7722d352af8137558ce
HackBack - A DIY Guide For Those Without The Patience To Wait For Whistleblowers
Posted Apr 26, 2017
Authored by Phineas Fisher

Whitepaper entitled HackBack - A DIY Guide for those without the patience to wait for whistleblowers.

tags | paper
MD5 | b557eab1296015871663c2a205da3ccd
HackBack - A DIY Guide, Spanish Version
Posted Apr 26, 2017
Authored by Phineas Fisher

Whitepaper entitled HackBack - A DIY Guide. Written in Spanish.

tags | paper
MD5 | 1e4a3a38e424f1f49d5678019db173bd
HackBack - A DIY Guide
Posted Apr 26, 2017
Authored by Phineas Fisher

Whitepaper entitled HackBack - A DIY Guide.

tags | paper
MD5 | cb504760265cc4bebfc1f9114b25fef9
Remote Exploitation Of An Unaltered Passenger Vehicle
Posted Apr 26, 2017
Authored by Chris Valasek, Charlie Miller

This paper outlines the research into performing a remote attack against an unaltered 2014 Jeep Cherokee and similar vehicles that results in physical control of some aspects of the vehicle. Hopefully this additional remote attack research can pave the road for more secure connected cars in our future by providing this detailed information to security researchers, automotive manufacturers, automotive suppliers, and consumers.

tags | paper, remote
MD5 | 8ef1c05f03804965a8e0959a7cddb361
CAN Message Injection - OG Dynamite Edition
Posted Apr 26, 2017
Authored by Chris Valasek, Charlie Miller

This paper investigates why physical control inconsistencies exist and present techniques that can be leveraged to more fully obtain control of the physical systems of the car while only injecting CAN bus messages. It also discusses ways to makes these systems more robust to CAN message injection.

tags | paper
MD5 | 25920aec7946aa6f96de1c56e09a1183
A Survey Of Remote Automotive Attack Surfaces
Posted Apr 26, 2017
Authored by Chris Valasek, Charlie Miller

Whitepaper called A Survey of Remote Automotive Attack Surfaces. This paper attempts to analyze numerous automobiles varying in production year to show how remote attack surfaces have evolved with time and to try to quantify the difficulty of a remote attack for a variety of different automobiles. This analysis will include how large the remote attack surface is, how segmented the ECUs which have physical control of the automobile are from those accepting external input, and the features present in the automobile which allow computers to physically control it. Additionally, this paper recommends defensive strategies including an IDS-type system to detect and prevent these types of attacks.

tags | paper, remote
MD5 | 57b3fa5787893314a0300f8c18e243a7
Car Hacking: For Poories A.K.A. Car Hacking Too: Electric Boogaloo
Posted Apr 26, 2017
Authored by Chris Valasek, Charlie Miller

This whitepaper is a follow-up on car hacking that was an attempt to reduce this barrier to entry so more researchers could get involved.

tags | paper
MD5 | eb246a73301a997dcab1f41718591906
nt!_SEP_TOKEN_PRIVILEGES Single Write EoP Protection
Posted Apr 21, 2017
Authored by Kyriakos Economou

This is a write up detailing how abusing enabled token privileges through a kernel exploit to gain elevation of privilege won't be enough anymore. From NT kernel version 10.0.15063 they are checked against the privileges present in the token of the calling process so an attacker needs to use two writes.

tags | paper, kernel
MD5 | 30228610ed457bed8670b8f3dcfdd1b6
How To Exploit EternalBlue And DoublePulsar Spanish Version
Posted Apr 20, 2017
Authored by Sheila A. Berta

Whitepaper explaining how to exploit EternalBlue and DoublePulsar to get an empire/meterpreter session on Windows 7 and 2008. Spanish version of this paper.

tags | paper
systems | windows, 7
MD5 | 6074d8aecbb5bfe4f10b3186617d1b5b
How To Exploit EternalBlue And DoublePulsar English Version
Posted Apr 20, 2017
Authored by Sheila A. Berta

Whitepaper explaining how to exploit EternalBlue and DoublePulsar to get an empire/meterpreter session on Windows 7 and 2008. English version of this paper.

tags | paper
systems | windows, 7
MD5 | 9923b32818775889684c2df610bb45d5
Web Services Penetration Testing
Posted Apr 17, 2017
Authored by Firat Celal Erdik, Mert Tasci

This is a whitepaper that discussing penetration testing against web services. Written in Turkish.

tags | paper, web
MD5 | 0d44214ba96b783c46bbca2a6e34d070
From Zero to ZeroDay Journey: Router Hacking
Posted Apr 6, 2017
Authored by Leon Juranic

Whitepaper called From Zero to ZeroDay Journey: Router Hacking (WRT54GL Linksys Case).

tags | paper
MD5 | db1a8ee4cfe26b0939e229c55041d19f
Attacking RDP - How To Eavesdrop On Poorly Secured RDP Connections
Posted Mar 15, 2017
Authored by Dr. Adrian Vollmer

Whitepaper called Attacking RDP - How to Eavesdrop on Poorly Secured RDP Connections.

tags | paper
MD5 | 08c726c194f04ec842f3c33ac2386895
Local File Disclosure Via SQL Injection
Posted Mar 13, 2017
Authored by Manish Tanwar

Whitepaper discussing local file disclosure attacks via remote SQL injection.

tags | paper, remote, local, sql injection
MD5 | dba854d85b85d2a54ff8aebeba6b9d29
Telstra 4Gx Portable Router Persistent Root Shell
Posted Jan 22, 2017
Authored by David Crees

This write up discusses how to leave a persistent root shell on a Telstra 4GX portable router.

tags | paper, shell, root
MD5 | 5ce382b3e97db0ed2752e7c22784c2b7
Dismantling Megamos Crypto: Wirelessly Lockpicking A Vehicle Immobilizer
Posted Aug 14, 2015
Authored by Baris Ege, Roel Verdult, Flavio D. Garcia

The Megamos Crypto transponder is used in one of the most widely deployed electronic vehicle immobilizers. It is used among others in most Audi, Fiat, Honda, Volkswagen and Volvo cars. Such an immobilizer is an anti-theft device which prevents the engine of the vehicle from starting when the corresponding transponder is not present. This transponder is a passive RFID tag which is embedded in the key of the vehicle. In this paper, the authors have reverse-engineered all proprietary security mechanisms of the transponder, including the cipher and the authentication protocol which we publish here in full detail. This article reveals several weaknesses in the design of the cipher, the authentication protocol and also in their implementation.

tags | paper, crypto, protocol
MD5 | 552ea71c6b3759788ec94e28a8f7c722
BIGINT Overflow Error Based SQL Injection
Posted Aug 5, 2015
Authored by Osanda Malith

This whitepaper deep dives into using BIGINT overflow errors in MySQL in order to extract data upon injection.

tags | paper, overflow, sql injection
MD5 | 6b07eab8ef3d32101a729a41d8d83e52
Chinese Attack On USIS Exploiting SAP Vulnerability
Posted Jul 15, 2015
Authored by ERPScan Research Team | Site erpscan.com

This whitepaper contains research details an attack timeline, documents what vulnerability was exploited, and provide recommendations on how to avoid data breaches in SAP systems.

tags | paper
MD5 | 9feb968a62c00d045d48c202cb454cf7
Page 1 of 14
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Ex-Fitbit Employees Indicted For Allegedly Stealing Secrets
Posted Jun 15, 2018

tags | headline, data loss, fraud
This New Android Malware Delivers Banking Trojan, Keylogger And Ransomware
Posted Jun 15, 2018

tags | headline, malware, phone, google
Xen Project Patches Intel's Lazy FPU Flaw
Posted Jun 15, 2018

tags | headline, flaw, patch, intel
Quantum Cryptography Demo Shows No Need For New Infrastructure
Posted Jun 15, 2018

tags | headline, science, cryptography
Ether Doesn't Fall Under SEC Rules
Posted Jun 15, 2018

tags | headline, government, bank, usa, cryptography
Decades-Old PGP Bug Allowed Hackers To Spoof Just About Anyone's Signature
Posted Jun 15, 2018

tags | headline, flaw, cryptography
LuckyMouse Threat Group Attacks Government Websites
Posted Jun 14, 2018

tags | headline, hacker, government, malware, china
US Senators Get Digging To Find Out The Truth About FCC DDoS Attack
Posted Jun 14, 2018

tags | headline, government, usa, denial of service, fraud
Backdoored Images Downloaded 5 Million Times Finally Removed From Docker Hub
Posted Jun 14, 2018

tags | headline, hacker, fraud, backdoor
Apple To Patch Flaw FBI Has Been Using To Hack iPhones
Posted Jun 14, 2018

tags | headline, government, privacy, usa, phone, flaw, patch, apple, fbi
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close