exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 344 RSS Feed

Files

Post Exploitation Using Meterpreter
Posted Dec 10, 2011
Authored by Shubham Mittal

Whitepaper called Post Exploitation using Meterpreter. It goes into detail on how to leverage Metasploit during a penetration test.

tags | paper
SHA-256 | 89a7620f8ae1ed536363950d30f77b17cc62b653bd630305609749e496b2a9d7
Hacking Embedded Devices For Fun And Profit
Posted Nov 7, 2011
Authored by prdelka

These are slides from a talk called Hacking Embedded Devices for Fun and Profit. It uses Sky Broadband as a case study.

tags | exploit, paper
SHA-256 | c47817875f30772c127c3169814a0db083ad87a06d51af5acdb3128b68dce9c6
Anatomy Of A Pass Back Attack
Posted Nov 1, 2011
Authored by Deral Heiland, Michael Belton | Site foofus.net

Brief whitepaper discussing how to trick a printer into passing LDAP or SMB credentials back to an attacker in plain text.

tags | paper
SHA-256 | 4c1967b52b737e8378e0591046c4fbeb02462547b019cb3d9e260b1c5939d804
The Trash Attack
Posted Nov 1, 2011
Authored by Eric Lazarus, Josh Benaloh

This short paper describes the trash attack which is effective against the majority of fully- verifiable election systems. The paper then offers a simple but counter-intuitive mitigation which can be incorporated within many such schemes to substantially reduce the effectiveness of the attack. This mitigation also offers additional benefits as it significantly improves the statistical properties of existing verifiable systems.

tags | paper
SHA-256 | f3dc29a3800369867d6dbd3254907d55b91b54e054a74c5975d588767adce42e
Heap, Overflows And Exploitation
Posted Oct 31, 2011
Authored by Celil Unuver

Whitepaper called Heap, Overflows and Exploitation. Written in Turkish.

tags | paper, overflow
SHA-256 | 7b494d3844c65ed44831e4a8623b0ae9168a5432d8b05e09295782c967294133
Skype VoIP Zero Day Exploitation
Posted Oct 20, 2011
Authored by Benjamin Kunz Mejri, Pim J.F. Campers

Whitepaper called Skype Voice Over IP Software Vulnerabilities, Techniques and Methods - Zero Day Exploitation 2011.

tags | paper, vulnerability
SHA-256 | b0175858820b9e6438b1ec0ef4a41eeaa2957167c87f13ca78bade3f36b4401a
DNS Poisoning Via Port Exhaustion
Posted Oct 19, 2011
Authored by Yair Amit, Roee Hay

Whitepaper called DNS Poisoning Via Port Exhaustion. It covers everything from how DNS poisoning works to various methods of performing attacks. It discloses two vulnerabilities. One is in Java which enables remote DNS poisoning using Java applets. The other is in multiuser Windows environments that allows for a local DNS cache poisoning of arbitrary domains.

tags | advisory, paper, java, remote, arbitrary, local, vulnerability
systems | windows
advisories | CVE-2011-3552, CVE-2010-4448
SHA-256 | 59aae9b502f6267802e5e03c5acbbc8cc5b2055211508a758f0223c1089883be
Local Session Poisoning In PHP Part 3
Posted Oct 14, 2011
Authored by Mango

This whitepaper is called Local Session Poisoning in PHP Part 3: Bypassing Suhosin's Session Encryption.

tags | paper, local, php
SHA-256 | b4c2757edc23926772d3931a43343d42a16d61a0d0eeaf402605d9c79122b967
Local Session Poisoning In PHP Part 2
Posted Oct 14, 2011
Authored by Mango

This whitepaper is called Local Session Poisoning in PHP Part 2: Promiscuous Session Files.

tags | paper, local, php
SHA-256 | a5b53f4b5bd46c66cfc9ad3a8d7d286455bc7a43f332c3b1e6ccb2290c69cb84
Local Session Poisoning In PHP Part 1
Posted Oct 14, 2011
Authored by Mango

This whitepaper is called Local Session Poisoning in PHP Part 1: The Basics of Exploitation and How to Secure a Server.

tags | paper, local, php
SHA-256 | c245f17fa9754ac7a72df98693b35929e796d3a655aeb50b5fa88d746027aa9e
Hacking WebLogic
Posted Oct 12, 2011
Authored by Sysmox | Site sysmox.com

Whitepaper called Hacking WebLogic. It gives a brief overview of how to hack a default WebLogic server using a web browser.

tags | paper, web
SHA-256 | 77477751376cbf1dd5937b193eca2afb67787fcb5a3e0c217ea0c52936c41806
Le Sidejacking Avec Pycookiejsinject
Posted Oct 9, 2011
Authored by Adil Alhima

This whitepaper focuses on performing sidejacking with pycookiejsinject. Written in French.

tags | paper
SHA-256 | a580308d16ffda2f2ce9c0084fa32be440d00db80c3699cf955564c9ff3bbf8d
Beyond SQLi: Obfuscate And Bypass
Posted Oct 6, 2011
Authored by CWH Underground, ZeQ3uL, Suphot Boonchamnan

Whitepaper called Beyond SQLi: Obfuscate and Bypass. It discusses filter evasion, normal and advanced SQL injection bypassing techniques, and more.

tags | paper, sql injection
SHA-256 | 53da24878fd14e31209e104f5628e918c66caec3b70de820ef4ded44a458460e
Frontal Attacks: From Basic Compromise To Advanced Persistent Threat
Posted Oct 2, 2011
Authored by High-Tech Bridge SA | Site htbridge.ch

Nowadays, there is a renewed interest in server-side attacks for hackers. According to SANS, attacks against web applications constitute more than 60% of the total attack attempts observed on the Internet. Victims may be the website owners (e.g. intellectual property theft or loss of customer confidence), their clients (e.g. bank transfer fraud or identity theft) as well as any Internet user, since web application vulnerabilities are now widely exploited to convert trusted websites into malicious ones, thus serving client-side exploits contents to Internet users. This document addresses the major threats which face today's companies, from database exfiltration in DMZ to the Advanced Persistent Threats recently undergone in many international organizations.

tags | paper, web, vulnerability
SHA-256 | 100985142d65548380351ebd6fcc87cfd85c7f2c807b5e0adb0ae7c04271e115
JBoss Exploitation
Posted Oct 1, 2011
Authored by Secfence

Whitepaper called JBoss Exploitation. This paper goes into detail on popping a shell on open JMX consoles.

tags | paper, shell
SHA-256 | f5e7c9eba0269b878c2481d4055fb0247eb60c34c16d6a88ef2dd33026039dc3
Top Seven ColdFusion Security Issues
Posted Sep 14, 2011
Authored by Sysmox

This whitepaper discusses the most prevalent security issues with server configurations and application implementations for ColdFusion.

tags | paper
SHA-256 | 88b4ae6ec50477ea59f03c75c24ad0e58dfd2ff3ab41d93aa6d23e371ea194da
Using QR Tags To Attack Smart Phones
Posted Sep 13, 2011
Authored by Augusto Pereyra

Whitepaper called Using QR Tags to Attack Smart Phones (Attaging). It discusses the threatscape related to arbitrary scanning of these tags and using Metasploit to exploit them.

tags | paper, arbitrary
SHA-256 | 5aeb974041271775d2797f33f606f42ebe41ac2480ecbba6cd286c2ec7fba100
Sneak Peak At The Metasploit Framework - II
Posted Aug 19, 2011
Authored by Karthik R

Whitepaper called Sneak Peak at the Metasploit Framework - II. This article covers using databases with the Metasploit Framework in detail.

tags | paper
SHA-256 | e2fd5239e0ac4b7622e1680a42e1476e166f4701849942f1a604ec249819ee28
Introduction To Hacking Basics
Posted Aug 5, 2011
Authored by failed404

Whitepaper called Introduction To Hacking Basics. Written in Indonesian.

tags | paper
SHA-256 | a54033f1d15f089131b735c5506d79c7555c8272d18984925b7b1b022bc0c3c6
Sneak Peak At The Metasploit Framework
Posted Jul 31, 2011
Authored by Karthik R

This whitepaper is an article that covers the basic structure of Metasploit and the need for it as a framework. It provides guidance on the different techniques of information gathering and scans.

tags | paper
SHA-256 | 6d8d5543a9922644ed97c0a76b13537b5fae0e6518a660c04c7ae634e076bfec
Using Metasploit With Nessus Bridge On Ubuntu
Posted Jul 16, 2011
Authored by David J. Dodd

Whitepaper called Using Metasploit With Nessus Bridge On Ubuntu. The author discusses using the autopwn feature in Metasploit, running Nessus from within Metasploit, choices of databases to use, and the benefits of each.

tags | paper
systems | linux, ubuntu
SHA-256 | 7a281ad62c6b8aa703ecc0bdd4a00e7157e35b1a5e19f99ed374027c1a923e86
HTTP Parameter Contamination
Posted Jul 16, 2011
Authored by Ivan Markovic

This is a brief whitepaper called HTTP Parameter Contamination (HPC) Attack / Research.

tags | paper, web
SHA-256 | fd048c4ac4a159b39bf8ad25dc758cf6e3d6fbf6ed1e035ace3ac04b164649c5
Potential Dangers Of Active-X Attacks
Posted Jul 5, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Whitepaper called Become Fully Aware of the Potential Dangers of Active-X Attacks. Exploiting Active-X components vulnerabilities in Windows has become a favored method of attackers aiming to compromise specific computers. Such targeted attacks have increasingly become a threat to companies and government agencies. This talk will explain this kind of attack and show how this flaw could be discovered while going through exploitation.

tags | paper, vulnerability, activex
systems | windows
SHA-256 | 9eeb90330cfbccc1cd8f8478aef2e4c16a609d57f5f1172310f841fe03112f37
Penetration Testing Linux With Brute Forcing Tool
Posted Jul 5, 2011
Authored by Sumedt Jitpukdebodin

Whitepaper called Penetration Testing Linux with Brute Forcing Tool. It discusses using Backtrack, Metasploit, and various brute forcing tools for breaking into a Linux host.

tags | paper
systems | linux
SHA-256 | ff57b1b9ae4de5159ef5bbd7da8a1491e036234017481810575435a054afdb7f
Post Exploitation Using Metasploit Pivot And Port Forward
Posted Jun 25, 2011
Authored by David J. Dodd

Whitepaper called Post Exploitation using Metasploit pivot and port forward. A very nice feature in Metasploit is the ability to pivot through a meterpreter session to the network on the other side. This tutorial walks you through how this is done once you have a meterpreter session on a foreign box.

tags | paper
SHA-256 | a05be3bd008961eca995330559a8b1aed77254c9151b49ae3060c36de9ee2372
Page 5 of 14
Back34567Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close