- Securitybyte CTF Walkthrough – securitylearn.wordpress.com
SecurityByte is India’s largest hacking conference conducted in Bangalore. To make this event more interesting, they do arrange capture the flag events (Web & WI-FI hacking challenges).
- Ncrack and the Morto Worm
Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts.
- Using ncrack to test for servers vuln to Morto worm – carnal0wnage.attackresearch.com
- Ncrack entry – nmap.org/ncrack/
- TrueCrypt 7.1 brings full Mac OS X Lion Support – h-online.com
The TrueCrypt project has announced the arrival of version 7.1 of its open source, cross platform, disk encryption tool. TrueCrypt 7.1, the project’s first new stable release in nearly a year, is a maintenance update that adds full compatibility with 32- and 64-bit versions of Mac OS X 10.7 Lion. The developers note that several minor improvements and bug fixes affecting all supported platforms are also included; however, specific details have not been provided.
- Bottom Up Randomization Saves Mandatory ASLR – blog.didierstevens.com
I recently found out that pseudo-ASLR (or mandatory ASLR in EMET) has a lower entropy than real ASLR. While real ASLR has a 8-bit entropy for base addresses, mandatory ASLR turned out only to have about 4 bits of entropy, and the distribution was far from uniform. What I forgot to tell you in that post, is that I just enabled Mandatory ASLR as mitigation in EMET.
- TTCP and Later – gse-compliance.blogspot.com
NetCat is a great and simple tool with many uses, but it has a number of limitations in being such a simple and generalised tool. A tool that allows for some more specialised uses of sockets and connection testing is TTCP or “Test TCP”.
- Heap Overflow For Humans 102 – net-ninja.net
Initially I discussed techniques for exploiting heap overflows in older versions of Windows in an attempt to give the reader a practical working knowledge of how the unlink process works and how flink/blink from freelist