Week 8 in Review – 2013

Event Related

Resources

  • APT 1
  • Application Security Testing of Thick Client Applications – resources.infosecinstitute.com

    In this article, we will learn about thick client applications, their vulnerabilities and ways to carry out security assessment of these applications.

  • Real Life Vulnerabilities Statistics: an overview – blog.mindedsecurity.com

    For this reason, we collected all our reports from 2010 until 2012 and performed a statistical analysis that, in conjunction with other contributors’ results, will help the new OWASP Top Ten to better fit these times and to keep track of differences from previous versions.

  • DEPS Precise Heap Spray on Firefox and IE10 – corelan.be

    Last week, while doing my bi-weekly courseware review and update, I discovered that my heap spray script for Firefox 9 no longer works on recent versions.

  • Easy DOM-based XSS detection via Regexes – blog.spiderlabs.com

    If you are interested in finding DOM-based XSS, you must have knowledge of http://code.google.com/p/domxsswiki/wiki/Introduction already. This is the best online resource about DOM-based XSS maintained by my friends Stefano di Paola and Mario Heiderich.

  • CMD.EXE LOOPS PART III – resources.infosecinstitute.com

    CMD.exe provides FOR loops that work in a rather awkward manner but they are quite powerful indeed. In this section, let us see how we can understand the FOR loop switches and their purposes, using a problem description and solution approach.

  • IDA Program Patching – resources.infosecinstitute.com

    IDA’s primary purpose is not binary patching, because when you first load the binary, it takes a snapshot of the binary and builds an internal representation, which is saved in the .idb database.

  • Digging Into the Sandbox-Escape Technique of the Recent PDF Exploit – mcafee.com

    As promised in our previous blog entry for the recent Adobe Reader PDF zero-day attack, we now offer more technical details on this Reader “sandbox-escape” plan. In order to help readers understand what’s going on there, we first need to provide some background.

  • Infosec and Higher Education Part 2 – ptcoresec.eu

    So when this week I received an email from a student asking me for some help (students from his university had been complaining about the degree and lecturers asked them to go and re-write the degree as they saw fit and that they would consider doing it), I felt like I should do this blogpost which I had prepared for a while.

Tools

  • ThreatModeler 3.0 – myappsecurity.com

    MyAppSecurity is proud to release ThreatModeler 3.0. Packed with several in-demand features to easily manage threats and measure the state of security at an organization, this new release comes updated with features to.

  • Update XORSearch V1.8.0: Shifting – blog.didierstevens.com

    This new version of XORSearch comes with a new operation: shifting left.

  • Introducing the WAF Testing Framework – blog.imperva.com

    Last week I attended an OWASP conference in Israel and participated in a panel about WAFEC.

Techniques

  • SSHD Rootkit
    • SSHD rootkit in the wild – isc.sans.edu

      There are a lot of discussions at the moment about a SSHD rootkit hitting mainly RPM based Linux distributions. Thanks to our reader unSpawn, we received a bunch of samples of the rootkit.

    • Linux Based SSHD Rootkit Floating The Interwebs – blog.sucuri.net

      For the past couple of days we have seen a lot of discussion on a number of forums about a potential kernel rootkit making its rounds on the net. Interestingly enough, when we wrote about the case it wasn’t being picked up by anyone; today, however, it’s being picked up by a number of AVs.

  • Hacking Facebook OAuth
  • De-duping multiple interface nessus results with sed. – pentesticles.com

    Let’s assume that you have your Nessus output and have it in some useful parse-able format. (xmlstarlet anyone?)

  • Finding and Reverse Engineering Deleted SMS Messages – az4n6.blogspot.com.br

    Recovering deleted SMS messages from Android phones is a frequent request I get. Luckily, there are several places and ways to recover these on an Android phone. After working a case that involved manually carving hundreds of juicy, case making messages, I collaborated with cheeky4n6monkey on a way to automate the process.

  • Forwarding SMS to Email on [Jailbroken] iOS – blog.opensecurityresearch.com

    As with most ideas, this one also took shape out of necessity to reduce manual work and dependencies in various scenarios. This blog post shows one of the many ways to read SMS messages from a jailbroken iPhone and send it as an email.

  • Hacking The Xerox Multifunction Printer Firmware Patch Process – foofus.net

    It’s been almost a year since this firmware process hack was first discussed at CarolinaCon by percX. PercX has finally finished up his tutorial/white paper on the subject. In this paper he discusses the hack in-depth.

  • How Attackers Steal Private Keys from Digital Certificates – symantec.com

    Regular readers of the Symantec blog may sometimes read blogs that mention a fraudulent file that is signed with a valid digital certificate or that an attacker signed their malware with a stolen digital certificate.

  • Exploring WMI using WMI and CIMCmdlets – darkoperator.com

    In the previous blog post I covered how to explore WMI using a GUI tool; now let’s look at how to explore WMI first using the WMI Cmdlets that are found in PowerShell v2 and PowerShell v3, then we will look at how to use CIM Cmdlets that were introduced in PowerShell v3 and the improvements Microsoft made to make using WMI even better in PowerShell v3.

Vendor/Software Patches

  • Adobe Flash Player 0-day and HackingTeam’s Remote Control System – securelist.com

    Adobe Flash Player CVE-2013-0633 is a critical vulnerability that was discovered and reported to Adobe by Kaspersky Lab researchers Sergey Golovanov and Alexander Polyakov. The exploits for CVE-2013-0633 have been observed while monitoring the so-called “legal” surveillance malware created by the Italian company HackingTeam. In this blog, we will describe some of the attacks and the usage of this 0-day to deploy malware from “HackingTeam” marketed as Remote Control System.

Vulnerabilities

Other News

February 25th, 2013 | Security Conferences, Security Tools, Security Vulnerabilities, Week in Review
