Kernel Attacks Through User-Mode Callbacks
Posted Feb 26, 2013
Authored by Tarjei Mandt

In this paper, the author discusses the many challenges and problems concerning user-mode callbacks in win32k. In particular, they show how win32k's dependency on global locks in providing a thread-safe environment does not integrate well with the concept of user-mode callbacks. Although many vulnerabilities related to user-mode callbacks have been addressed, their complex nature suggests that more subtle flaws might still be present in win32k. Thus, in an effort to mitigate some of the more prevalent bug classes, they conclude with some suggestions as to how users may protect themselves against future kernel attacks.

tags | paper, kernel, vulnerability
MD5 | 3b48f7d98508f64ce2d0c173a3509b7e
RDP Exploitation Using Cain
Posted May 21, 2012
Authored by David J. Dodd

This paper demonstrates how to ARP poison a connection between Windows 7 and Windows 2008 R2 Server using Cain.

tags | paper
systems | windows, 7
MD5 | ef9266998c0a638d9a127633eb6b3263
A Backdoor In The Next Generation Active Directory
Posted Jan 24, 2012
Authored by Dmitriy Evteev

This is a brief whitepaper called A Backdoor in the Next Generation Active Directory.

tags | paper
MD5 | 4322964f07c8caf1a4bd6cd89912fef5
Windows 7/2008 Event Log Forensic And Reversing Analysis
Posted Mar 18, 2011
Authored by ar1vr

Whitepaper called Windows 7/2008 Event Log Forensic and Reversing Analysis.

tags | paper
systems | windows, 7
MD5 | 3674019074b68ec149e014050a342204
Windows 7 Firewire Attacks
Posted Aug 15, 2009
Authored by Benjamin Boeck

Whitepaper called Firewire-based Physical Security Attacks on Windows 7, EFS and BitLocker.

tags | paper
systems | windows, 7
MD5 | d1e374eb7be3ea6d97c8ba5fa55f8371
Posted Dec 3, 2008
Authored by Aodrulez | Site aodrulez.blogspot.com

Whitepaper entitled Reverse Engineering Microsoft F#.

tags | paper
MD5 | 646434fe251aefffc57d98fa5e28037a
Posted Aug 20, 2008
Authored by Kingcope

Breaking The Windows Server 2003 SP2 Stack.

tags | paper
systems | windows
MD5 | b4328f2c7b3f800582602b7bf3872e77
Posted May 2, 2008
Authored by Brett Moore | Site insomniasec.com

Access Through Access - A whitepaper that has aggregated various material regarding how to exploit Microsoft Access during a penetration test.

tags | paper
MD5 | 1511fb8b161bbf68d08ff934a1f1f114
Posted Mar 12, 2008
Authored by Peter Panholzer | Site sec-consult.com

Physical Security Attacks On Windows Vista - A short whitepaper discussing the firewire unlock attack.

tags | paper
systems | windows, vista
MD5 | 38aa74a1488c9b7c08630e81c4343ba5
Posted Nov 30, 2007
Authored by shinnai | Site shinnai.altervista.org

Whitepaper detailing Microsoft API function pointer hijacking.

tags | paper
MD5 | defc0c2f3c81fbe2b0984fb4f41d73ac
Posted Oct 10, 2007
Authored by Kriz

Small write-up discussing how ShellExecute() works and how applications must make use of it.

tags | paper
MD5 | 7752202884ef40cf52770806232a2126
Posted Apr 17, 2007
Authored by Makoto Shiotsuki

Whitepaper discussing Windows DNS cache poisoning by forwarder DNS spoofing.

tags | paper, spoof
systems | windows
MD5 | 6e95d4e60558e072e418b4036af71e0a
Posted Jan 4, 2007
Authored by Hemil Shah

Small paper that discusses SMB and NetBIOS on Windows and how a user can disable them.

tags | paper
systems | windows
MD5 | 61a6e2a511d023c375ac2e9e0fa7ff37
Posted Jan 3, 2007
Authored by Matthieu Suiche | Site msuiche.net

Whitepaper entitled Windows Vista 64bits And Unexported Kernel Symbols.

tags | paper, kernel
systems | windows, vista
MD5 | d3517b08b5aaeb3831f9c6e828a16dd2
Posted Nov 6, 2006
Authored by Craig Heffner | Site craigheffner.com

Short whitepaper discussing API hooking/interception via DLL redirection.

tags | paper
MD5 | 4e78af66fd03f49d6878ac5a06b14467
Posted Oct 4, 2006
Authored by Renaud Lifchitz | Site sysdream.com

Windows Vista includes a new memory protection system called ASLR. Its goal is to protect vulnerable programs against buffer overflow attacks. Ali Rahbar has made a complete study of this security mechanism and found a new implementation flaw that allows this protection to be bypassed.

tags | paper, overflow
systems | windows, vista
MD5 | 72474dfdfa0795f1434c9375d5690367
Posted Sep 7, 2006
Authored by Craig Heffner | Site craigheffner.com

This multi-part tutorial will present several ways in which you can add functionality to closed source Windows executables through DLLs, PE header modification, and good old assembly code. Adding code to existing code caves, modifying PE headers to create code caves and/or importing DLL functions, adding backdoors to programs, and adding plugin support to closed-source programs are all covered.

tags | paper
systems | windows
MD5 | 12b2cdafaf8a4dc8244d3cd2859947c7
Posted Aug 27, 2006
Authored by Aelphaeis Mangarae | Site securzone.org

Whitepaper discussing the hardening of Windows NT.

tags | paper
systems | windows, nt
MD5 | ec1538b2f0f47f6d427178fa6c3986a3
Posted Jun 15, 2006
Authored by Ruben Santamarta | Site reversemode.com

Whitepaper discussing the fact that the Microsoft Server Message Block Redirector Driver (mrxsmb.sys) does not verify the user-mode buffer properly, allowing any user to overwrite any desired memory address. The successful exploitation results in Ring0 code execution.

tags | paper, code execution
MD5 | ff5d41f27bb5aaad5e4b516897b128e4
Posted Dec 3, 2005
Authored by Nish Bhalla | Site securitycompass.com

Source code for all the examples used in tutorials 1 through 4 of 'Writing Stack Based Overflows On Windows'.

tags | paper, overflow
systems | windows
MD5 | be840faace1a6e3c9e0965a9261c328b
Posted Dec 3, 2005
Authored by Nish Bhalla | Site securitycompass.com

Writing Stack Based Overflows on Windows - Part IV: Shellcode creation and exploiting an application remotely.

tags | paper, overflow, shellcode
systems | windows
MD5 | 02bd4588eddd075cfa4719ee16a3accf
Posted Dec 3, 2005
Authored by Nish Bhalla | Site securitycompass.com

Writing Stack Based Overflows on Windows - Part III: Walking through a stack based overflow and writing an exploit for a local overflow.

tags | paper, overflow, local
systems | windows
MD5 | acfe032bffa059a6c9f793e1747f209d
Posted Nov 4, 2005
Authored by Nish Bhalla | Site securitycompass.com

Writing Stack Based Overflows on Windows - Part II: Windows Assembly for writing Exploits

tags | paper, overflow
systems | windows
MD5 | 7801a3c8566ddd0bf6d2a971c1169e8d
Posted Nov 4, 2005
Authored by Nish Bhalla | Site securitycompass.com

Writing Stack Based Overflows on Windows - Part I: Basic Concepts

tags | paper, overflow
systems | windows
MD5 | 323c43c35578f47d6da9e2f78acea9f3
Posted Oct 25, 2005
Authored by Cesar | Site argeniss.com

Story of a dumb patch - This paper describes a mistake made by Microsoft in patch MS05-018, where Microsoft failed to properly fix a vulnerability and had to release a new patch, MS05-049. Hopefully this paper will open the eyes of software vendors so that they do not repeat these kinds of mistakes.

tags | paper
MD5 | d646c9f681675c21ab8234ecacfbca7d

© 2020 Packet Storm. All rights reserved.
