Search results

  1. M33

    Ubuntu puts forums back online, reveals autopsy of a brag hacker

    Ubuntu Forums are back to normal following a serious hack attack that exposed the usernames, email addresses and hashed passwords of 1.8 million open source users. Parent firm Canonical restored the forums on Tuesday as well as publishing a detailed summary of what went wrong and the broad...
  2. M33

    IDA: Cross References / Xrefs

    Dejan Lukan January 11, 2013 Cross references can help us determine where certain functions were called from, which can be useful for a number of reasons. Let’s say that we found the function we’re interested in for whatever reason: maybe it contains a vulnerable code, we could use to execute...
  3. M33

    Analysis of Malware Samples

    Introduction Immunity Debugger is a debugger which is very much like Ollydbg. In this tutorial we’ll present the Python API that Immunity Debugger uses for writing the plugins. Ollydbg has its own language for plugin development, while Immunity Debugger uses well known Python programming...
  4. M33

    Towards an Anti-Anti-Reversing Framework

    Abstract -- TL;DR too many diverse anti-anti-reversing tools (="pro-reversing") idea: create open-source library of pro-reversing techniques compile as DLL and inject it into process to be reversed Motivation I really like reversing and really dislike anti-reversing techniques --...
  5. M33

    Darkcomet Rat v5.31

    So finally the v5 is there after long and hard work. I recoded many parts of the program, mostly the multithreading; I also changed the main GUI a bit and the whole file manager. It is faster and more pro. Changelog: http://www.sendspace.com/file/hghl8l
  6. M33

    Bozok RAT

    Bozok RAT This version includes fixes on Webcam and Keylogger, Webcam works on DirectX now. Also a few fixes were applied, GUI on Webcam and Screencapture changed. Save Frame added! Download Bozok 1.3
  7. M33

    Visual Studio 2010 Basics

    Visual Studio 2010 Basics Ajay YadavMarch 25, 2013 Introduction This article will demonstrate the development life cycle for various .NET framework applications,for instance, executables, console applications,Windows Forms, etc., and how to build them in C# using .NET framework compilation...
  8. M33

    Handling Memory in Protected Mode

    Handling Memory in Protected Mode Dejan Lukan March 25, 2013 Introduction In the past, systems such as MSDOS used the real mode, and it had no protections against accessing any memory address. Programs then were able to access even the system data that was stored in memory. We can imagine...
  9. M33

    Which weapon should I choose for Web Penetration Testing? 3.0

    Which weapon should I choose for Web Penetration Testing? 3.0 Dame Jovanoski March 22, 2013 Introduction So here we are on the third edition of “Which weapon should I choose for Web Penetration Testing?” For this edition, I am going to take a walk through two interesting tools for...
  10. M33

    Mutiny Remote Command Execution

    Mutiny Remote Command Execution Authored by Christopher Campbell This Metasploit module exploits an authenticated command injection vulnerability in the Mutiny appliance. Versions prior to 4.5-1.12 are vulnerable. In order to exploit the vulnerability the mutiny user must have access to the...
  11. M33

    Apache Struts ParametersInterceptor Remote Code Execution

    Apache Struts ParametersInterceptor Remote Code Execution Meder Kydyraliew This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions < 2.3.1.2. This issue is caused because the ParametersInterceptor allows for the use of parentheses which in turn allows...
  12. M33

    Translating Virtual to Physical Address on Windows: Physical Addresses

    Translating Virtual to Physical Address on Windows: Physical Addresses Dejan Lukan March 22, 2013 Getting the Physical Address Manually So far we’ve figured that the virtual address is the same as linear address, so in the next part of the article we can use virtual addresses because they...
  13. M33

    Translating Virtual to Physical Address on Windows: PAE, Virtual and Linear Addresses

    Translating Virtual to Physical Address on Windows: PAE, Virtual and Linear Addresses Dejan Lukan March 21, 2013 Checking if PAE is Enabled This was discussed in the first portion of this tutorial: please review before proceeding. Getting the Virtual Address The next thing we need to do is...
  14. M33

    Machine Learning Part 3: Ranking

    Machine Learning Part 3: Ranking Victor Marak April 04, 2013 INTRODUCTION: In the previous article, we saw the utility of Naïve Bayes Rule for malware classification. While simple to understand and implement, we have tried to illustrate the best of its use writing our own Android malware...
  15. M33

    Writing Windows Kernel Mode Driver

    Writing Windows Kernel Mode Driver Dejan Lukan April 08, 2013 Introduction In this tutorial, we’re going to use the Windows Driver Mode (WDM) which provides us greater flexibility than other modes while being harder to use. We’ll take a look at how to create our first kernel mode driver for...
  16. M33

    Hacking Static Passwords

    Hacking Static Passwords Dawid Czagan April 08, 2013 1. Introduction The static password is the most popular authentication method. It’s also the least secure one. This article describes how static passwords can be attacked and protected. It also presents zero knowledge proof, which can be...
  17. M33

    Windows Building Environment for Kernel Driver Development

    Windows Building Environment for Kernel Driver Development Dejan Lukan April 09, 2013 Details of Driver Development Environment In the previous article , we saw that upon installing WDK 7.1.0, we got build environments for Windows 7, Windows Server 2003, Windows Vista, Windows Server 2008 and...
  18. M33

    Dot NET Assemblies and Strong Name Signature

    Dot NET Assemblies and Strong Name Signature Soufiane Tahiri April 09, 2013 General Overview Before going any deeper on this subject, we need to clarify a huge ambiguity regarding signing for versioning and signing for protecting. A strong name signature is after all a set of information...
  19. M33

    Writing a Windows Kernel Driver (2)

    Writing a Windows Kernel Driver (2) Dejan Lukan April 10, 2013 Introduction If you haven’t read the first two articles yet, here and here, then you probably should, because they are essential to understanding what we’ll be talking about here. Before we actually take a look at the code and...
  20. M33

    Introduction to Kernel Debugging with Windbg

    Introduction to Kernel Debugging with Windbg Dejan Lukan May 10, 2013 Introduction You’ve probably heard about Windbg before, right? It’s a Windows debugger written by Microsoft that’s used by developers and hackers for debugging the OS. We won’t go into the process of installing the Windbg...