Akamai's implementation doesn't work and isn't secure
On Friday Akamai published a blog post[1] indicating they were not vulnerable to the Heartbleed attack. They patched OpenSSL to put the private key in a separate part of memory, surrounded by guard...
Gathering external information and using the most suitable tool to ease your...
Here is a little story of how I approached the malware of the day, I hope to entertain you a little with this light post. The malware is MFC based, and among all the sections there is one with a...
Internet Explorer 10 & Adobe Flash Player (12.0.0.70, 12.0.0.77) - CMarkup...
Full exploit here: http://www.exploit-db.com/exploits/32851/
PlaidCTF writeup for Web-200: kpop (bad deserialization)
Hello again! This is my second writeup from PlaidCTF this past weekend! It's for the Web level called kpop, and is about how to shoot yourself in the foot by misusing serialization (download the files)...
Paper: Open Crypto Audit Project TrueCrypt
The Open Crypto Audit Project engaged iSEC Partners to review select parts of the TrueCrypt 7.1a disk encryption software. This included reviewing the bootloader and Windows kernel driver for any system...
LaCie Incident Notification
At LaCie, we take very seriously the privacy and confidentiality of the personal information provided to us by our customers. Regrettably, this notice is to inform our customers about an incident...
Flickr from SQL Injection to RCE
Today I will write about a new vulnerability I found in Flickr.com - How I got MYSQL root password of Flickr Database - RCE on Flickr server
iOS Kernel Reversing Step by Step
One of the biggest players in mobile, Apple, has based each of their devices on one main Operating System. Known simply as “iOS”, the popular mobile operating system by Apple runs on their flagship...
Occupy Your Icons Silently on Android
FireEye mobile security researchers have discovered a new Android security issue: a malicious app with normal protection level permissions can probe icons on Android home screen and modify them to...
de4dot - open source (GPLv3) .NET deobfuscator and unpacker
de4dot is an open source (GPLv3) .NET deobfuscator and unpacker written in C#. It will try its best to restore a packed and obfuscated assembly to almost the original assembly. Most of the obfuscation...
WordPress auth cookie forgery
The use of non-strict comparison in WordPress’s cookie validation code could allow an attacker to forge authentication cookies by exploiting PHP’s type juggling system or by measuring timing...
From the Trenches: AV Evasion With Dynamic Payload Generation
A few weeks ago I was excited when Rapid7 asked me to participate in their 2014 Tech Preview Program for Metasploit Pro version 4.9. I have always enjoyed the interaction I have had with the talented...
HTTPS Everywhere 3.5, 4.0dev.16, chrome-2014.4.14 released
HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure.
Unitrends enterprise backup remote unauthenticated root
Hi, detailed in this gist is a metasploit module and vulnerability that allows an attacker to execute commands remotely as root without prior authentication: https://gist.github.com/brandonprry/10745756
Xerox DocuShare authenticated SQL injection
Hi, detailed in the linked gist is a SQL injection available to authenticated "read-only" users within Xerox DocuShare: https://gist.github.com/brandonprry/10745681
WebTitan 4.01 multiple vulnerabilities
Hi, please see the linked gist for details on Directory Traversal and RCE vulnerabilities within WebTitan: https://gist.github.com/brandonprry/10747603
Year-Long Exploit Pack Traffic Campaign Surges After Leveraging CDN
Anyone can purchase an exploit pack (EP) license or rent time on an existing EP server. The challenge for threat actors is to redirect unsuspecting web browsing victims by force to the exploit landing...
Sending and Authenticating Messages with Elliptic Curves
Last time we saw the Diffie-Hellman key exchange protocol, and discussed the discrete logarithm problem and the related Diffie-Hellman problem, which form the foundation for the security of most...
lxml (python lib) vulnerability
I've accidentally found a vulnerability in the clean_html function of the lxml Python library. User can break schema of url with nonprinted chars (\x01-\x08). Seems like all versions including the latest 3.3.4 are...
billgates-botnet tracker
Here are some tools written in Python to monitor BillGates Linux Botnet activity (DDoS commands, update commands, etc). More here: https://github.com/ValdikSS/billgates-botnet-tracker