Resources
- Breaking in to Security – Survey Conclusions, Part 1 – digininja.org
To collect the data I created an online survey and sent it out through as many sources as I could; to date I’ve got over 300 results and I’d like to say a huge thanks to everyone who completed it and helped with the advertising. If you want to see the full raw data I’ve published it and intend to try to keep it fairly up-to-date as more people answer the survey.
- oclHashcat Examples of lots of different hash types – phillips321.co.uk
So you’ve got oclHashcat and you want to practice cracking hashes but you’ve got no hashes? Fear not! There are hashes listed below for you to play with or if you would like to generate hashes yourself download my perl module here and have a play with making them and then cracking yourself.
- getting from seh to nseh – thesprawl.org
There are several approaches to doing this with the ‘POP-POP-RET’ being the most popular. Let’s see exactly why this approach works and analyze potential alternatives such as JMP DWORD PTR [EBP+0x30], POPAD and ROP.
- iPhone Forensics Analysis of iOS 5 backups : Part 1 – infosecinstitute.com
iPhone forensics can be performed on the backups made by iTunes or directly on the live device. This previous article on iPhone forensics detailed the forensic techniques and the technical challenges involved in performing live device forensics.
Tools
- CERT
- CERT Linux Triage Tools 1.0 Released – cert.org
As part of the vulnerability discovery work at CERT, we have developed a GNU Debugger (GDB) extension called “exploitable” that classifies Linux application bugs by severity. Version 1.0 of the extension is available for public download here. This blog post contains an overview of the extension and how it works.
- CERT Basic Fuzzing Framework 2.5 Released – cert.org
Hi folks, Allen Householder here. In addition to the recent introduction of our new Failure Observation Engine (FOE) fuzzing framework for Windows and Linux Triage Tools, we have updated the CERT Basic Fuzzing Framework (BFF) to version 2.5. This post highlights the significant changes.
- psychomario/ntlmsspparse – github.com
ntlmsspparse – Parses ntlmssp netlm[v2] hashes out of a pcap file for use with a password cracker.
Techniques
- Three Areas You Need To Test When Assessing Mobile Applications – securestate.com
Having spoken at both the SANS Mobile Device Security Summit as well as OWASP AppSec DC recently about testing mobile applications, I’ve encountered that, like the old saying goes, “There are many ways to skin a cat”, there are also many ways to assess a mobile application.
- Command Injection to Code Execution with PowerShell – obscuresecurity.blogspot.com
A common scenario that testers face involves leveraging command injection vulnerabilities into a full-blown shell. A lot of people view command injection as an old technique, but it is very relevant today. There are many different types of attacks that end in command injection (e.g. SQL injection), so testers need a way to turn Windows commands into shell access.
- Decrypting the iPhone keychain from backups SECURITYLEARN – securitylearn.wordpress.com
In iTunes backup, the iPhone Keychain sqlite database is stored as a PList file. The Keychain file gets stored with 51a4616e576dd33cd2abadfea874eb8ff246bf0e file name in the iTunes backup folder.
- Interesting Directives in php.ini (for Pen Testers and Devs) – pentesticles.com
This post aims to pin-point the directives that developers should be familiar with and also show penetration testers the nuts and bolts of the issues they’re seeing so that they may better advise their clients.
Vendor/Software Patches
- Adobe Flash
- Critical Flash Update Fixes Zero-day Flaw Krebs on Security – krebsonsecurity.com
Adobe Systems Inc. today issued a security update to its Flash Player software. The company stressed that the update fixes a critical vulnerability that malicious actors have been using in targeted attacks.
- Security update available for Adobe Flash Player – adobe.com
Adobe released security updates for Adobe Flash Player 11.2.202.233 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.7 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and 2.x.
- Update: TaskManager.xls V0.1.3 Killer Shellcode – blog.didierstevens.com
Today I’m adding a new command to our toolkit: injecting and executing shellcode in the target process. I’m providing 32-bit and 64-bit shellcode that calls ExitProcess. When this shellcode is injected and executed inside a process, the process will terminate itself.
- Metasploit VMware Auxiliary Modules – eromang.zataz.com
Metasploit provides VMware auxiliary modules that allow you to gather information, brute-force authentication, and execute tasks against ESX/ESXi.
Vulnerabilities
- CVE-2012-1675 Oracle Database TNS Poison 0Day Video Demonstration – eromang.zataz.com
Demonstration of the critical remotely exploitable vulnerability CVE-2012-1675 TNS Poison affecting all Oracle database server versions.
- Release of exploit code puts Oracle Database users at risk of attack – arstechnica.com
Oracle has declined to patch a critical vulnerability in its flagship database product, leaving customers vulnerable to attacks that siphon confidential information from corporate servers and execute malware on backend systems, a security researcher said.
Other News
- Everyone Has Been Hacked. Now What? – wired.com
Hackers are everywhere and everyone has been hacked. So what’s a company to do?
- Apple security blunder exposes Lion login passwords in clear text – zdnet.com
With the latest Lion security update, Mac OS X 10.7.3, Apple has accidentally turned on a debug log file outside of the encrypted area that stores the