Week 49 in Review – 2010

Events Related:

Resources:

Tools:

  • Runasil – didierstevens.com
    Because I didn’t find a program to start an application with a given integrity level from “Image File Execution Options”, I wrote runasil.
  • JavaSnoop 1.0 FINAL released! – i8jesus.com
    After 6 release candidates, roughly a thousand bugs fixed, dozens of improvements and features added, I finally think the tool is ready for general availability.
  • j0llydmper – code.google.com/p/j0llydmper/
    j0llydmper is a Windows service that allows you to furtively and automatically dump some content of USB disks just plugged into your computer.
  • OWASP Zed Attack Proxy Project – owasp.org
    The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.
  • Armitage 12.06.10 – fastandeasyhacking.com
    Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework.
  • skipfish-1.82b – code.google.com/p/skipfish
    A fully automated, active web application security reconnaissance tool.
  • Zozzle (Microsoft’s Javascript-Malware Analysis Tool) – kaffenews.com
    In a sentence Zozzle is a static web-page analyzer for detecting ‘Heap-Spray Exploits’.
  • Bluelog v0.9.8 – digifail.com
    Bluelog is a Linux Bluetooth scanner written to do a single task, log devices that are in discoverable mode. It is intended to be used as a site survey tool, determining how many discoverable Bluetooth devices there are in a given environment.
  • Hyenae v0.35-3 – sourceforge.net/projects/hyenae
    Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant.
  • OVF Tool Documentation – vmware.com
    VMware OVF Tool is a command-line utility that allows you to import and export OVF packages to and from a wide variety of VMware platform products.
  • VIDigger v1.0 – layeredsec.com
    VIDigger is designed to help administrators check the configuration of ESX server and the virtual machines hosted on ESX server against the VMware Infrastructure Hardening guide and other best practices.
  • Browser Exploitation Framework v.0.4.2 – code.google.com/p/beef/
    It allows the experienced penetration tester or system administrator additional attack vectors when assessing the posture of a target.
  • owasp-dos-http-post – code.google.com/p/owasp-dos-http-post/
    This tool was created and released GPLv3 Open Source for performance testing of systems and controls.

Techniques:

  • The USB Stick O’ Death – spareclockcycles.org
    I’ve recently been researching and experimenting with USB malware, and I wanted to take a shot at developing my own malicious USB stick.
  • Avoiding AV Detection – spareclockcycles.org
    My main goal in this research was to see how much effort it would take to become undetectable again, and the answer was ‘virtually none’.
  • DOM based Cross-site Scripting vulnerabilities – acunetix.com
    Like server-side scripts, client-side scripts can also accept user input which can contain malicious code.
  • Internet Explorer 9 ad blocking via “Tracking Protection” — no means yes. – jeremiahgrossman.blogspot.com
    User configurations will also be persistent across sessions, even when the browser is restarted, which is opposite to how InPrivate mode behaves. This is huge!
  • Quick and Easy Oracle Default Password Enumeration – digitalbond.com
    For the purpose of this post, the SID enumeration and default account/password auditing are the most important features of oscanner.
  • BlackBerry password cracking: multi-threaded, with hardware-accelerated AES – crackpassword.com
    The reason is pretty simple: we are not able to generate passwords that fast, especially when we perform all those nice mutations of wordlist passwords (changing the letter case, adding or replacing symbols, etc.).
  • Firefox 3.6.13: damn you, corner cases – lcamtuf.blogspot.com
    As you may recall, one of the more significant shortcomings of the same-origin policy is that it does not give any guidance on handling documents with no inherent origin associated – that is, it fails to account for all the content coming from about:, data:, file:, and similar pseudo-URLs.
  • On the effectiveness of DEP and ASLR – technet.com
    DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) have proven themselves to be important and effective countermeasures against the types of exploits that we see in the wild today.
  • More updates (including RAR) – golubev.com
    Obviously it isn’t possible to reach with 83.5% utilization, so I’ve made some tests with 5xMD5 again and this time speed-up is here.

Vulnerabilities:

  • Canon Original Data Security System Vulnerability – elcomsoft.com
    The credibility of photographic evidence becomes vital in numerous situations for insurance companies and courts, as they may accept a digital image as indisputable evidence if it can be proven genuine.

Vendor/Software Patches:

  • New version of OpenSSL fixes two vulnerabilities – h-online.com
    A flaw in an older workaround for Netscape browsers and servers can be remotely exploited to make an OpenSSL server downgrade the ciphersuite to a weaker one for subsequent connections.

Other News:
