Deobfuscation: recovering an OLLVM-protected program
We recently looked at the Obfuscator-LLVM project in order to test its different protections. Here are our results, and explanations on how we deal with obfuscation.

NASA Orion - Bypass, Persistent Issue & Embed Code Execution Vulnerability
Document Title: NASA Orion - Bypass, Persistent Issue & Embed Code Execution Vulnerability
References...

The Mystery of sqlmap's Empty Files
Recently I was working with a basic SQLi flaw, and wanted to get OS-level access. Naturally, I turned to sqlmap's "--os-shell" feature. More here: http://www.willhackforsushi.com/?p=581

Reading local files from Facebook's server (fixed)
Recently I found a vulnerability in Facebook which allowed me to read local files from Facebook's servers. The vulnerable part of Facebook was their Careers resume uploader, located at every job...

Google App Engine Java security sandbox bypasses (project pending completion...
We discovered multiple security issues in Google App Engine that allow for a complete Java VM security sandbox escape. There are more issues pending verification - we estimate them to be in the range of...

IIS, Compromised GoDaddy Servers, and Cyber Monday Spam
While doing an analysis of one black-hat SEO doorway on a hacked site, I noticed that it linked to many similar doorways on other websites, and all those websites were on IIS servers. When I see these...

The POODLE bites again
October's POODLE attack affected CBC-mode cipher suites in SSLv3 due to SSLv3's under-specification of the contents of the CBC padding bytes. Since SSLv3 didn't say what the padding bytes should be,...

Bypassing Windows and OSX Logins with NetHunter &
The Kali Linux NetHunter platform has many hidden features which we still haven't brought to light. One of them is the DriveDroid application and patch set, which have been implemented in NetHunter...

Hacking SQL Server Stored Procedures - Part 2: User Impersonation
Application developers often use SQL Server stored procedures to make their code more modular, and help apply the principle of least privilege. Occasionally those stored procedures need to access...

Magnitude Exploit Kit Backend Infrastructure Insight - Part III
Welcome to our third and final post in this series about the Magnitude exploit kit. If you haven't already read them, you may want to start with the first and second posts. This post will continue...

Code Execution In Spite Of BitLocker
Disk Encryption is "a litany of difficult tradeoffs and messy compromises" as our good friend and mentor Tom Ptacek put it in his blog post. That sounds depressing, but it's pretty accurate - trying to...

CVE-2014-0195: Adventures in OpenSSL's DTLS Fragmented Land
Earlier this year, details of a remote code execution bug in OpenSSL's DTLS implementation were published. The following is a look at the bug, its process and the different ways attackers might...

Humhub SQL injection and multiple persistent XSS vulnerabilities
[+] Humhub [1] SQL injection vulnerability
[+] Discovered by: Jos Wetzels, Emiel Florijn
[+] Affects: Humhub <= 0.10.0-rc.1
The Humhub social networking kit versions 0.10.0-rc.1 and prior suffer from an...

Reading Outlook using Metasploit
In penetration tests, it sometimes can be hard to escalate privileges on a (Windows) target system. In this situation it can be useful to gain access to resources with sensitive information, such as...

Save Your Cloud: XSS in OpenStack Dashboard
Maximizing the effectiveness of compute power using an Infrastructure-as-a-Service (IaaS) cloud service is a common technique nowadays. Private (IaaS) clouds are often advertised as being more secure...

Unpatched Atlassian products still reign over a critical security flaw
Atlassian released a security advisory nearly 8 months ago and released patches for a very critical vulnerability contained in nearly all web-based products. The description of the vulnerability was not sufficient...

PuttyRider
Hijack Putty sessions in order to sniff conversation and inject Linux commands. More here: https://github.com/seastorm/PuttyRider

Sony's hack GOP statement ... (torrent files also included there)
We are the GOP working all over the world. We know nothing about the threatening email received by Sony staffers, but you should wisely judge by yourself why such things are happening and who is...

InsideReCaptcha
A few days ago, Google introduced a new version of ReCaptcha, theoretically allowing most users to complete it by only ticking a checkbox. If the user isn't deemed as human by Google, the old version...

Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution
This security update resolves a privately reported vulnerability in the VBScript scripting engine in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a specially...