Search results

Presenting the PE Header Dejan Lukan May 08, 2013 Let’s present the whole PE file structure with the picture below (taken from [5]): At the beginning there’s a DOS header, which is an MS-DOS compatible executable that always consists of exactly 100 bytes that outputs an error message...

Collabtive version 1.0 suffers from cross site scripting, remote shell upload, and arbitrary account deletion vulnerabilities. Authored by Enrico Cinquini Source: Collabtive 1.0 XSS / Shell Upload / Privilege Escalation ≈ Packet Storm ============================================= - Release...

New attack plucks secrets from HTTPS-protected pages[/h]Exploit called BREACH bypasses the SSL crypto scheme protecting millions of sites. by Dan Goodin - Aug 1 2013, 6:30pm GTBST A frame from a video demonstration showing BREACH in...

The Import Directory: Part 2 Dejan Lukan April 29, 2013 You can take a look at the previous article before reading this one. If you already understand the basics of IAT table, then you can skip the first article, but otherwise you should read that before continuing below. Presenting the...

The Import Directory: Part 1 Dejan Lukan April 24, 2013 We know that when the operating system loads the executable, it will scan through its IAT table to locate the DLLs and functions the executable is using. This is done because the OS must map the required DLLs into the executable’s...

Calling NTDLL Functions Directly Dejan Lukan June 06, 2013 Introduction If you’re reading this, then you’ve probably wanted to call some internal ntdll function that isn’t exported and easily callable, right? If no, then let me explain what I mean. If we start the Visual Studio Command...

LUKS and LVM Dejan Lukan June 05, 2013 LVM + LUKS LVM is software that uses physical devices as physical volumes (PVs) in storage pools called volume group (VG). Physical volumes can be a partition, whole SATA hard drive grouped as JBOD, RAID systems, iSCSI, Fibre Channel, eSATA, etc [1]...

18 Extensions For Turning Firefox Into a Penetration Testing Tool Pavitra Shankdhar July 09, 2013 Firefox is a popular web browser from Mozilla. Popularity of Firefox is not only because it’s a good web browser, it also supports add-ons to enhance the functionality. Mozilla has a website...

Using SetWindowsHookEx for DLL Injection on Windows Dejan Lukan June 03, 2013 Introduction Note: all the code examples can be found on my Github profile under visual-studio-projects accessible here: https://github.com/dejanlukan . In this tutorial, we’ll take a look at the DLL injections by...

API Hooking and DLL Injection on Windows Dejan Lukan May 31, 2013 Introduction Note: all the code examples can be found on my Github profile under visual-studio-projects accessible here: https://github.com/eleanor . In this tutorial, we’ll take a look at various methods that we can use to...

Using CreateRemoteThread for DLL Injection on Windows Dejan Lukan May 30, 2013 Introduction Note: all the code examples can be found on my Github profile under visual-studio-projects accessible here: https://github.com/eleanor . In this tutorial, we’ll talk about how to inject a custom DLL...

Alternative Wi-Fi Cracking Rohit Shaw July 10, 2013 Wi-Fi : “WiFi” is the short form for Wireless Fidelity. It is a high speed internet and network connection without the use of wires or cables. It means a type of wireless networking protocol that allows devices to communicate and transfer...

Programming with COM Ajay Yadav July 10, 2013 Abstract This article commences by taking a brief backward glimpse at COM then compares it with the way that components interact in .NET, and finally it takes a look at the tool provided by Microsoft to let these two technologies coordinate...

Exploitation Ubuntu – Windows Services Fotis Liatsis June 27, 2013 This tutorial describes the basic principles of gathering information to exploit vulnerable machines like Ubuntu Server and Windows XP. On both systems (Ubuntu and Windows) are installed some vulnerable services like Tomcat...

.NET Reverse Engineering – 3 Ajay Yadav July 31, 2013 Introduction We have taken tour of the syntax and semantics of raw CIL up till now. In this article, we shall be confronted with the rest of implementation in the context of CIL programming such as how to build and consume *.dll file...

.NET Reverse Engineering –Part 2 Ajay Yadav July 26, 2013 Introduction The first Article of this series touched the most significant aspect of the MSIL code Instructions, for instance, how a program written in ILASM, and how to define the basic components (classes, fields, function and...

.NET Reverse Engineering-1:CIL Programming Ajay Yadav July 12, 2013 Introduction The prime objective of this article is to confront with the .NET mother tongue language termed as Common Instruction Language (CIL) which laid down the foundation of .NET Reverse Engineering. Here, you will...

19 Extensions to Turn Google Chrome into Penetration Testing tool Pavitra Shankdhar July 19, 2013 Google Chrome is the most popular web browser of the world. It’s light weight and comes with a clean interface. This is the main reason of its popularity. It also has various other features that...

Socket Programming Ajay Yadav July 19, 2013 Introduction This article will give you a broad understanding of key networking concepts, such as ISO stack and TCP/IP, and how applications can logically and physically distribute in a network environment. This article also covers .NET base classes...

Password Cracking Evolution Rohit Shaw July 18, 2013 In this article, my goal is to show the evolution in password cracking era how hackers/crackers cracked passwords around 10 years ago and how they are cracking them nowadays. Before coming into this topic, first I clarified the concept of a...