- Research for SharePoint (MOSS) – owasp.org
This page contains research notes on Microsoft’s SharePoint MOSS and WSS
- MS SQL – Useful Stored Procedures for SQL Injection and Ports Info – pentesticles.com
The following post lists and describes various useful stored procedures and port information for MS SQL.
- Portable Executable 101 – a windows executable walkthrough – code.google.com
This graphic (PDF JPG) is a walkthrough of a simple windows executable, that shows its dissected structure and explains how it’s loaded by the operating system.
- SAP Slapping – labs.mwrinfosecurity.com
Dave Hartley delivered his “SAP Slapping” presentation at the CRESTCon and BSides London security conferences recently. The talk provides a high level overview of common SAP system vulnerabilities and misconfigurations.
- Scanning the Web with Ammonite – resources.infosecinstitute.com
Ammonite is a Fiddler extension used to scan web applications for common vulnerabilities like verbose and blind SQL injection, OS commanding, local file inclusion, buffer overflows, format string vulnerabilities etc.
- Exploiting Windows 2008 – esec-pentest.sogeti.com
Internal network pentesting involving domain controllers requires a few steps in order to gain domain administrator access. One of them usually requires to gain local administrator access to a workstation.
- Gason – BurpSuite Plugin’s Project – Google Project Hosting – code.google.com
This project contains a plugin to extend BurpSuite proxy. And know you can run gason stand alone!!
- Skipfish version 2.06b Update – code.google.com
Skipfish is a fully automated, active web application security reconnaissance tool.
- Android Emulator, Trusted CA, and Persistent Storage – carnal0wnage.attackresearch.com
Android periodically updates it’s SDK and somtimes when this happens, old methods for importing a Trusted CA, necessary to proxy SSL traffic, will fail and you must find a new solution.
- Update – Android & SSL Cert – carnal0wnage.attackresearch.com
Thanks to the comments left by Zach from our last Android post here, it has been brought to my attention there is an easier way to do all of this with the latest AVD (4.0.3).
- SecurityStreet: Unsupported Browser – rapid7.com
The purpose of this post is to point out a little-known jewel — the -m flag to meterpreter’s execute command.
- Microsoft Security Bulletin
- MS12-029 – Critical : Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352) – technet.microsoft.com
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted RTF file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- MS12-032 – Important : Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338) – technet.microsoft.com
This security update resolves one publicly disclosed and one privately reported vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.
- Bulletin Management Process and the May 2012 Bulletins – blogs.technet.com
Have you ever wondered why bulletins group particular issues together? Or one set of products and not another? Well today Jonathan Ness has posted an insightful Security Research & Defense (SRD) blog discussing some of the nuances and packaging decisions that went into MS12-034.
- Microsoft patches 23 Windows flaws, warns of risk of code execution attacks – zdnet.com
The Patch Tuesday batch for May 2012 covers at least 23 documented vulnerabilities in Microsoft Office, Microsoft Windows, the Microsoft .NET Framework and Microsoft Silverlight.
- Adobe, Microsoft Push Critical Security Fixes – krebsonsecurity.com
Adobe and Microsoft today each issued updates to address critical security flaws in their software.
- PHP-CGI Vulnerability Exploited in the Wild – blog.sucuri.net
When the PHP-CGI vulnerability was disclosed, we knew it would be just a matter of days before it started to be exploited in the wild.
- Thousands of Twitter passwords exposed – news.cnet.com
It’s unclear who’s responsible for posting passwords for Twitter accounts to a public Web site. The exact number of accounts is also unclear, as Twitter says many are duplicates and many had already been suspended.
- FBI Warns Travelers Using Hotel Networks About New Attack – darkreading.com
The FBI says attackers are trying to trick users into installing malware with promises of software updates.
- Sniffer tool displays other people’s WhatsApp messages – h-online.com
WhatsApp Sniffer is an app able to display messages from other WhatsApp users connected to the same network as the app user.