Week 47 in Review – 2012

Event Related

Resources

  • cfbackdoor – gironsec.com

    This is a text file.

Tools

  • Util
    • Util – Windows Handles Viewer (Simple GUI with REPL) v1.0.exe – diniscruz.blogspot.com
      Based on the Util – Windows Handles Viewer (Simple Gui) v1.0.exe tool, here is a bigger version (5Mbs) which contains a C# REPL Script editor (with the detected handle provided as a parameter).
    • Util – Windows Handles Viewer (Simple Gui) v1.0.exe – diniscruz.blogspot.com
      Following my research into Win32 Messaging APIs that allowed me to put both IBM AppScan Source and Standard working side by side and to connect TeamMentor with AppScan Source, here is a pretty sweet Windows Handles Viewer which allows the easy discovery (and in some cases modification) of the Window’s Handle of a particular Win32’s Button, TextBox, Menu, Window, etc…
  • OllyDbg version 2.01h – ollydbg.de
    OllyDbg the 32-bit assembler level analysing debugger for Microsoft Windows has been updated to version 2.01h.

  • Nishang 0.2.0 – More PowerShell awesomeness – labofapenetrationtester.blogspot.com

    Behold world, I give you a new and shiny version of Nishang after a long gap 🙂 I have been using PowerShell more and more by each pen test so expect even more awesomeness.

Techniques

  • Disassembling the Woolworths Facebook scam – troyhunt.com
    Troy Hunt on observations, musings and conjecture about the world of software and technology

  • HTTPS via WinAPI – sensepost.com

    Hijacking SSL sessions initiated by the browser is a trivial task. The challenge comes when trying to intercept SSL traffic in applications such as Dropbox or Easynote. These apps create additional measures to verify certificates and their integrity, hence not very friendly to perform with Burp.

  • Dumping iClass Keys – blog.opensecurityresearch.com

    iClass, arguably the second most widely deployed technology in proximity card access systems (the first being the ProxCard II), is a proprietary RFID communications standard and card type. It provides an enhanced level of security over the ProxCard as it encrypts the data stored on the card and leverages a challenge/response form of authentication between the card and the reader.

  • Use PowerShell for Network Host and Port Discovery Sweeps – blogs.technet.com
    Guest blogger, Niklas Goude, discusses using Windows PowerShell to perform ping sweeps and port scans on a connected network.

Vendor/Software Patches

Other News

2017-03-12T17:39:43-07:00 November 26th, 2012|Security Conferences, Security Tools, Week in Review|0 Comments

Leave A Comment