Week 10 in Review – 2011

Events Related

  • CodeGate 2011 YUT Quals – ppp.cylab.cmu.edu
    The problems consisted of web vulnerabilities, forensics, cryptography, binary reversing, and some problems related to security topics that had been in the news.

Resources

  • Stack Based Buffer Overflow Tutorial
    This tutorial, in three parts, will cover the process of writing a simple stack based buffer overflow exploit based on a known vulnerability in the Vulnserver application.

Tools

  • WCE v1.1 is out! – hexale.blogspot.com
    Windows Credentials Editor (WCE) allows users to list logon sessions and to add, change, list and delete associated credentials.
  • Metasploit Framework 3.6.0 Released! – blog.metasploit.com
    In coordination with Metasploit Express and Metasploit Pro, version 3.6 of the Metasploit Framework is now available.
  • Agnitio v1.2 – darknet.org.uk
    Agnitio is a tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way.
  • AntiSamy 1.4.4 released! – i8jesus.com
    The biggest move of this release is to officially change the default parser/serializer from the DOM engine to the SAX engine.
  • BeEF v0.4.2.3-alpha! – code.google.com
    BeEF, the Browser Exploitation Framework is a professional security tool provided for lawful research and testing purposes.
  • iAnalizer: An Integrity Analyzer for SAP! – onapsis.com
    Though this tool was talked about last year at the BlackHat security conference, it is only now that the tool is being released for download.
  • Analyzing PDF exploits for finding payloads used – research.zscaler.com
    In this blog, we will examine yet another in-the-wild PDF exploit which has hidden its malicious code under different objects.
  • This Is Not the Android Market Security Tool You Are Looking For – intrepidusgroup.com
    We have been actively following and analyzing the spate of Android malware in the Android Market place.

Techniques

  • Dumpstrings.1sc – blog.didierstevens.com
    I wrote another script for my 010 Editor.
  • Can You Hack Your Own Site – net.tutsplus.com
    We’ve been asked by our client to incorporate into an existing site, a book review system.
  • Flash InternalInterface.call() JavaScript Injection – soroush.secproject.com
    According to the Adobe website, ExternalInterface.call() can accept a JavaScript function name as the first argument and a string which would be sent to that JavaScript function.
  • SMBRelay by Oracle – dsecrg.blogspot.com
    Our next target is Oracle. Oracle is one of the most widespread RDBMS and many Enterprises use it as backend.
  • Hacking GDB – acsu.buffalo.edu
    To see how a function in GDB is implemented, seek calls to the following functions in GDB source tree.
  • At least, I got DoS – blogs.recurity-labs.com
    Due to Wireshark having more than 1,000 different packet dissectors in this directory, I chose a pretty dumb approach to find interesting code parts.
  • Hacking crappy password resets (part 1) – skullsecurity.org
    For this first part, I’m going to take a closer look at some very common code that I’ve seen on a major “snippit” site and contained in at least 5-6 different applications.
  • How Android/Fake10086 selectively blocks SMS – blog.fortinet.com
    In brief, Android/Fake10086.A!tr looks like a handy hotel reservation application, but in the background it communicates with a remote web server and blocks some incoming SMS messages.
  • BFF 2.0 ImageMagick Fuzz Run Tutorial – youtube.com
    A walk-through of the Basic Fuzzing Framework’s default ImageMagick fuzz run.

Vendor/Software Patches

Vulnerabilities

  • Oracle padding attacks – isc.sans.edu
    We can see a valid request (HTTP status code 200) and then a series of 500 requests, as well as a single 403 request.

Other News
