Events Related
- CanSecWest
Event debriefing- CanSecWest, a decade later and still growing - privasectech.com
- CanSecWest 2011 day 1 – the-interweb.com
- CanSecWest 2011 day 2 - the-interweb.com
- CanSecWest 2011 day 3 – the-interweb.com
- Highlights of CanSecWest Day 1 – blogs.mcafee.com
- Highlights of CanSecWest Day 2 – blogs.mcafee.com
- Understanding and Exploiting Flash Vulnerabilities – log.fortinet.com
- CanSecWest Presentations – research.phreedom.org
- CodeGate 2011 YUT Quals - ppp.cylab.cmu.edu
The problems consisted of web vulnerabilities, forensics, cryptography, binary reversing, and some problems related to security topics that had been in the news.
- Pwn2Own 2011
What went down and various news bits- Researcher chains three exploits to take down IE8 at PWn2Own – computerworld.com
- Google’s Chrome untouched at Pwn2Own hackmatch – computerworld.com
- Safari, IE hacked first at Pwn2Own – computerworld.com
- iPhone, BlackBerry tumble to Pwn2Own hackers - computerworld.com
- Pwn2Own 2011: no one goes after Chrome – h-online.com
- Pwn2Own Day 2: iPhone and BlackBerry hacked – h-online.com
- Hacker kills his own Pwn2Own bug for Android phones - theregister.co.uk
- IE8, Safari, iPhone, BlackBerry exploited in Pwn2Own contest – news.cnet.com
- Pwn2Own Winner Stephen Fewer – threatpost.com
- Apple Safari and Internet Explorer 8 Go Down at Pwn2Own, iPhone Up Next - threatppost.com
- iPhone, BlackBerry Fall on Second Day of Pwn2Own – threatpost.com
- Why Pwn2Own Is What’s Right With Security – threatpost.com
- Safari, MacBook first to fall at Pwn2Own 2011 – zdnet.com
- BlackBerry falls to webkit browser attack – zdnet.com
- Charlie Miller wins Pwn2Own again with iPhone 4 exploit – zdnet.com
- Pwn2Own considered (somewhat) harmful – Icamtuf.blogspot.com
Resources
- RootedCon 2011 “WCE Internals” presentation available at slideshare – hexale.blogspot.com
Check out my presentation on “WCE Internals” (based on WCEv1.1) available at slideshare. - 11th WhiteHat Website Security Statistic Report -whitehatsec.com
WhiteHat Security’s 11th Website Security Statistics Report, presents a statistical picture gleaned from over five years of vulnerability assessment results taken from over 3,000 websites across 400 organizations under WhiteHat Sentinel management. - PenTest Execution Standard
The point behind all of this is a simple goal of raising the bar of penetration testing and how it’s performed.- Penetration Testing Execution Standard wiki - pentest-standard.org
- PTES – Penetration Testing Execution Standard – zonbi.org
- Android Market Security Tool - globalthreatcenter.com
The “Android Market Security Tool” performs a number of tasks on the handset to remove all remnants of the infections before deleting itself. - Browser Exploitation for Fun & Profit Revolutions – blog.taddong.com
Each episode content somehow builds on the topics and knowledge covered on the previous episodes, trying to minimize the overlap, except for the most important messages and goals I wanted to address with this initiative.
- Stack Based Buffer Overflow Tutorial
This tutorial, in three parts, will cover the process of writing a simple stack based buffer overflow exploit based on a known vulnerability in the Vulnserver application.- Part 1 Introduction – resources.infosecinstitute.com
- Part 2 Exploiting the Stack overflow – resources.infosecinstitute.com
- Part 3 Adding shellcode – resources.infosecinstitute.com
Tools
- WCE v1.1 is out! - hexale.blogspot.com
Windows Credentials Editor (WCE) allows to list logon sessions and add, change, list and delete associated credentials. - Metasploit Framework 3.6.0 Released! – blog.metasploit.com
In coordination with Metasploit Express and Metasploit Pro, version 3.6 of the Metasploit Framework is now available. - Agnitio v1.2 – darknet.org.uk
Agnitio is a tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way. - AntiSamy 1.4.4 released! - i8jesus.com
The biggest move of this release is to officially change the default parser/serializer from the DOM engine to the SAX engine. - BeEF v0.4.2.3-alpha! - code.google.com
BeEF, the Browser Exploitation Framework is a professional security tool provided for lawful research and testing purposes. - iAnalizer: An Integrity Analyzer for SAP! - onapsis.com
Though this tool was talked about last year at the BlackHat security conference, it is only now that the tool is being released for download. - Analyzing PDF exploits for finding payloads used – research.zscaler.com
In this blog, we will examine yet another in the wild PDF exploit which has hidden it’s malicious code under different objects. - This Is Not the Android Market Security Tool You Are Looking For – intrepidusgroup.com
We have been actively following and analyzing the spate of Android malware in the Android Market place.
Techniques
- Dumpstrings.1sc – blog.didierstevens.com
I wrote another script for my 010 Editor. - Can You Hack Your Own Site - net.tutsplus.com
We’ve been asked by our client to incorporate into an existing site, a book review system. - Flash InternalInterface.call() JavaScript Injection – soroush.secproject.com
According to the Adobe website, ExternalInterface.call() can accept a JavaScript function name as the first argument and a string which would be sent to that JavaScript function. - SMBRelay by Oracle - dsecrg.blogspot.com
Our next target is Oracle. Oracle is one of the most widespread RDBMS and many Enterprises use it as backend. - Hacking GDB - acsu.buffalo.edu
To see how a function in GDB is implemented, seek calls to the following functions in GDB source tree. - At least, I got DoS – blogs.recurity-labs.com
Due to Wireshark having more than 1,000 different packet dissectors in this directory, I chose a pretty dumb approach to find interesting code parts. - Hacking crappy password resets (part 1) – skullsecurity.org
For this first part, I’m going to take a closer look at some very common code that I’ve seen in on a major “snippit” site and contained in at least 5-6 different applications. - How Android/Fake10086 selectively blocks SMS – blog.fortinet.com
In brief, Android/Fake10086.A!tr looks like a handy hotel reservation application, but in the background it communicates with a remote web server and blocks some incoming SMS messages. - BFF 2.0 ImageMagick Fuzz Run Tutorial - youtube.com
A walk-through of the Basic Fuzzing Framework’s default ImageMagick fuzz run.
Vendor/Software Patches
- Apple issues mammoth security update for Safari browser - nakedsecurity.sophos.com
Apple has released Safari 5.0.4 – the latest version of Apple’s browser software for Windows and Mac users – patching an eye-watering 62 security vulnerabilities in the process. - March 2011 Microsoft Black Tuesday Summary – isc.sans.edu
Here are the March 2011 Black Tuesday patches. Enjoy! - VMWare Security Advisories 2011 - vmware.com
VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.
Vulnerabilities
- Oracle padding attacks – isc.sans.edu
We can see a valid request (HTTP status code 200) and then a series of 500 requests, as well as a single 403 request.
Other News
- Anonymous makes a laughing stock of HBGary – h-online.com
Trying to explain Anonymous is a hopeless undertaking – as a first approximation you can view them as a group of anonymous internet activists. - Hackers spear-phish, infiltrate French Ministry of Finances - arstechnica.com
The break-in was reported in Paris Match, and has since been confirmed by Minster of Budget François Baroin. - With hacking, music can take control of your car – itworld.com
By adding extra code to a digital music file, they were able to turn a song burned to CD into a Trojan horse. - Making Sport of browser security, hackers topple IE, Safari once again – theregister.co.uk
Contestants in a high-stakes hacking contest had no trouble toppling the Apple Safari and Microsoft Internet Explorer browsers. - Green Skimmers Skimming Green - krebsonsecurity.com
To combat an increase in ATM fraud from skimmer devices, cash machine makers have been outfitting ATMs with a variety of anti-skimming technologies. - Router-rooting malware pwns Linux-based network devices - megapanzer.com
Security researchers have discovered a rare strain of router-rooting malware that targets network devices running either Linux or Unix. - Hackers versus Apple: An interview with Charlie Miller and Dino Dai Zovi - h-online.com
Heise’s new Mac & i magazine recently interviewed Charlie Miller and Dino Dai Zovi, co-authors of “The Mac Hacker’s Handbook” about Apple security and how to compromise it.
Tags: CanSecWest, CodeGate, pwn2own
No comments yet.