[CVE-2015-0250] Apache Batik information disclosure vulnerability
CVE-2015-0250: Apache Batik information disclosure vulnerability
Severity: Medium
Vendor: The Apache Software Foundation
Versions Affected: Batik 1.0 - 1.7
Description: Files lying on the filesystem of the...
NAXSI
NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX. NAXSI means Nginx Anti Xss & Sql Injection. Technically, it is a third party nginx module, available as a package for...
chisel
Chisel is an HTTP client and server which acts as a TCP proxy, written in Go (Golang). Chisel is useful in situations where you only have access to HTTP, for example behind a corporate firewall.
WinNT/Pitou (MBR bootkit, alias Backboot)
The Pitou author seems to be pretty creative when it comes to droppers. This one is coded in PureBasic and drops a slightly older variant of the version described by EP_X0FF. Behaviour on Windows XP and...
CTF write-ups 2015 - Wiki-like CTF write-ups repository, maintained by the...
There are some problems with CTF write-ups in general:
- they're scattered across the interwebs
- they don't usually include the original files needed to solve the challenge
- some of them are incomplete or...
Safe Rowhammer Privilege Escalation
Problem description: The row-hammer attack is a method where the physical properties of the DRAM chip are exploited: repeatedly accessing one row, flushing it from the cache between accesses so that each access reaches DRAM, may trigger bit flips in adjacent rows (see here). One...
Writing a web application scanner
I've started out to build a web application scanner. The first usable iteration is "wascan" (sorry, I'm bad at naming things; if you have a better idea, let me know). The current version can crawl a...
X.Org Security Advisory: More BDF file parsing issues in libXfont
X.Org Security Advisory: March 17, 2015
More BDF file parsing issues in libXfont
========================================
Description:
============
Ilja van Sprundel, a security researcher with IOActive,...
esc_sql Doh! WordPress SQL Injection Vulnerability
Update: This is not about a specific vulnerability, but a series of vulnerabilities due to trusting the use of a sanitizing function in a situation where it should not be used. WordPress has a number of...
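As an added illustration of the failure mode this update describes (example code added here, not from the linked post or from WordPress), the following Python script models a quote-escaping sanitizer and shows it holding up in a quoted context but doing nothing in an unquoted one. Assumptions: esc_sql here is a simplified stand-in that doubles single quotes SQLite-style (the real WordPress function uses MySQL backslash escaping); the posts table and the attacker payload are constructed; the placeholder query stands in for $wpdb->prepare().

```python
import sqlite3

# Constructed sample data, not taken from any real WordPress install.
SCHEMA = """
CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT, status TEXT);
INSERT INTO posts VALUES (1, 'Public post',  'publish');
INSERT INTO posts VALUES (2, 'Draft post',   'draft');
INSERT INTO posts VALUES (3, 'Private post', 'private');
"""


def esc_sql(value):
    """Simplified stand-in for WordPress esc_sql() (assumption: the real
    function uses MySQL backslash escaping; SQLite only understands doubled
    quotes, so quotes are doubled here). It neutralises characters that
    would terminate a quoted string literal, and nothing else."""
    return str(value).replace("'", "''")


def connect():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def titles(conn, sql, params=()):
    return [row[0] for row in conn.execute(sql, params)]


def vulnerable_query(conn, post_id):
    """esc_sql() applied, but the value is interpolated unquoted: a payload
    that contains no quotes passes through untouched and becomes SQL."""
    sql = ("SELECT title FROM posts WHERE status = 'publish' AND id = %s"
           % esc_sql(post_id))
    return titles(conn, sql)


def quoted_query(conn, post_id):
    """Same escaping, but inside quotes, the context esc_sql() was written
    for: the payload is compared as a literal string and matches nothing."""
    sql = ("SELECT title FROM posts WHERE status = 'publish' AND id = '%s'"
           % esc_sql(post_id))
    return titles(conn, sql)


def prepared_query(conn, post_id):
    """Placeholder binding (the WordPress equivalent is $wpdb->prepare()):
    the value never becomes part of the SQL text, so no escaping decision
    has to be made at all."""
    sql = "SELECT title FROM posts WHERE status = 'publish' AND id = ?"
    return titles(conn, sql, (post_id,))


def demo():
    conn = connect()
    payload = "1 OR 1=1"  # constructed attacker input; note: no quotes in it
    return {
        "benign": vulnerable_query(conn, "1"),
        "unquoted": vulnerable_query(conn, payload),
        "quoted": quoted_query(conn, payload),
        "prepared": prepared_query(conn, payload),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print("%-9s %s" % (name, rows))
```

Running the script shows the unquoted interpolation returning the draft and private posts as well as the public one, while the quoted and placeholder variants return nothing for the same payload. The practical check when auditing code that calls esc_sql(): look at the character immediately before and after the interpolated value; if it is not a quote, the escaping is decorative, and the fix is a placeholder (or, for numeric IDs, an integer cast) rather than more escaping.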
Would Rust have prevented Heartbleed? Another look
In case you haven't heard, another serious OpenSSL vulnerability will be announced this Thursday. It reminded me of about a year ago, when Heartbleed was announced...
Codegate CTF 2015 Dodocrackme2 Write Up
Description
You are given an apk file that looks like some kind of CrackMe application:
Solution
Try to input some characters; a toast appears saying "Invalid code". It seems that we should reverse this...
Paper: Factoring 512-bit RSA Moduli for Fun (and a Profit of $9,000)
Abstract. The recent FREAK attack highlighted widespread support for export-grade RSA keys in TLS servers. We present the results of an IPv4-wide survey of TLS servers performed roughly one week...
Tool Release – CANBus Protector a (very simple) CANBus IPS system built on...
Continuing in the line of CANBus research and tools release I’d like to announce some quick work on a proof-of-concept CANBus IPS called, unoriginally, the CANBus Protector. I took some time to work on...
GHOST Remote Code Execution Exploit
A demonstration of remote code execution of the GHOST vulnerability, delivered as a standalone Metasploit module, is now available. The module remotely exploits CVE-2015-0235 (a.k.a. GHOST, a...
Door Skimmer + Hidden Camera = Profit
If an ATM you’d like to use is enclosed in a vestibule that requires a card swipe at the door, it might be a good idea to go find another machine, or at least use something other than a payment card to...
A ready to use Intel PIN Visual Studio project
Intel PIN is a great tool, but configuring a Visual Studio project is not very straightforward from its documentation. I know a couple of people who have heard of it, but have given up after not being...
B-Sides Vancouver CTF 2015 - garbage file
Your buddy Joey left a USB key with some data he needs your help with. He pulled it from the firewall logs at a 'secure file format'-as-a-Service provider, so he's pretty sure it might be protected or...
VMDE
Virtual Machines Detection Enhanced, sourced from the paper and adapted to 2015: https://github.com/hfiref0x/VMDE
Research Spotlight: Exploiting Use-After-Free Vulnerabilities
Talos is constantly researching the ways in which threat actors take advantage of security weaknesses to exploit systems. Yves Younan of Talos will be presenting at CanSecWest on Friday March 20th. The...
Teslacrypt Joins Ransomware Field
Teslacrypt, a newly crafted ransomware, has arrived in the malware genre: it encrypts user files using AES encryption and demands money to decrypt them. This ransomware infects systems from a...