Google Youtube - Filter Bypass & Persistent Vulnerability [9-5942000004564]...
Document Title: Google Youtube - Filter Bypass & Persistent Vulnerability [9-5942000004564] (PoC Video...
PHP htaccess injection cheat sheet
Scenario: In a setup of Apache/mod_php an attacker is able to inject .htaccess (or php.ini or apache configuration). The injection directory has AllowOverride Options set (or AllowOverride All, which is...
Closures, Objects, and the Fauna of the Heap
The last post in this series looks at closures, objects, and other creatures roaming beyond the stack. Much of what we’ll see is language neutral, but I’ll focus on JavaScript with a dash of C.
Crypto-Ransomware Running Rampant
There's no doubt that ransomware is one of the most popular malware threats of 2014. Zscaler is not alone in this opinion, as other security firms have observed up to a 700% increase in infection rates...
ASP Backdoors? Sure! It’s not just about PHP
I recently came to the realization that it might appear that we’re partial to PHP and WordPress. This realization has brought about an overwhelming need to correct that perception. While they do make...
TSX improves timing attacks against KASLR
Mega biblion mega kakon…… and similarly a long blog is a nuisance, so I managed to squeeze the essence of it into a single sentence, the title. If it is not entirely clear, read on.
Men’s Wearhouse Perfect Fit App Vulnerability Exposing Customer Information
Men’s Wearhouse offers an Android app called Perfect Fit which allows customers to manage their accounts, track their rewards points, receive coupons, etc. As a customer myself, I already had an...
Paper: Mayhem in the Push Clouds: Understanding and Mitigating Security...
Push messaging is among the most important mobile-cloud services, offering critical supports to a wide spectrum of mobile apps. This service needs to coordinate complicated interactions between developer...
ScanBox framework – who’s affected, and who’s using it?
Earlier this year the Japanese language website of one of the world’s largest suppliers of industrial equipment was compromised by a sophisticated threat actor. Usually in such cases an attacker will...
Kaspersky Hooking Engine Analysis
In this article we will talk about a few hooking techniques used by antivirus software. For the purpose of this analysis the antivirus chosen will be Kaspersky (http://www.kaspersky.com/it/trials PURE...
Dorothy 2 - A malware/botnet analysis framework written in Ruby.
Dorothy2 is a framework created for suspicious binary analysis. Its main strengths are a very flexible modular environment, and an interactive investigation framework with a particular care of the...
Cisco ASA SSL VPN Backdoor PoC (CVE-2014-3393)
A coworker and I recently had the opportunity to work with a new vulnerability released at Ruxcon just earlier this month and while we didn't get exactly what we wanted, it was quite interesting. The...
Memtools Vita 0.3beta (untested)
Allows developers to play with the Vita's WebKit process memory by leveraging a WebKit vuln. More here: https://github.com/BrianBTB/memtools_vita
Metasploit: Windows TrackPopupMenu Win32k NULL Pointer Dereference
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require...
Dubious MIME - Conflicting Content-Transfer-Encoding
Because of different interpretations of standards in mail clients, IDS/IPS and antivirus products, it is possible to pass malware undetected to the end user. This is especially funny and dangerous if...
Fireeye Report: A WINDOW INTO RUSSIA’S CYBER ESPIONAGE OPERATIONS?
Our clients often ask us to assess the threat Russia poses in cyberspace. Russia has long been a whispered frontrunner among capable nations for performing sophisticated network operations. This...
Foxtrot
A simple and secure routing network based on bitcoin cryptography. Foxtrot enables easy p2p communications and has built-in mechanisms for peer discovery, creation of services addressable by public...
Hacking a Reporter: UK Edition
Over the summer, a U.K. journalist asked the Trustwave SpiderLabs team to target her with an online attack. You might remember that we did the same in 2013 by setting our sights on a U.S.-based...
CryptoAttacker
CryptoAttacker helps detect and exploit some common crypto flaws. Active Scanning to detect padding Oracle attacks. Active Scanning capabilities to detect input being encrypted with ECB and reflected back...
CVE-2014-2718: ASUS wireless router updates vulnerable to a Man in the Middle...
Over the past few months I have come across a couple of significant issues with ASUS wireless routers (which to their credit the company has been quick to resolve). In mid February, I wrote that a...