Section: .. / papers / bypass /
File Name: GOT_Hijack.txt
Description: This short paper discusses overwriting a pointer used in a function in order to overwrite the associated entry in the Global Offset Table (GOT), which in turn allows execution flow to be redirected.
Author: c0ntex | Homepage: http://www.open-security.org | File Size: 16696 | Last Modified: Aug 28 15:59:30 2005
MD5 Checksum: ffbeb2e8b0768454f781f66654e95478

File Name: ThePharmingGuide.pdf
Description: Exploiting well-known flaws in DNS services and the way in which hostnames are resolved to IP addresses, Phishers have upped the ante in the cyberwar for control of a customer's online identity for financial gain. A grouping of attack vectors now referred to as "Pharming" affects the fundamental way in which a customer's computer locates and connects to an organization's online offering. This paper, extending the original material of "The Phishing Guide", examines in depth the workings of the name services on which Internet-based customers depend, and how they can be exploited by Pharmers to conduct identity theft and financial fraud on a massive scale.
Author: NGSSoftware Insight Security Research | Homepage: http://www.ngssoftware.com/ | File Size: 1611352 | Last Modified: Aug 25 01:16:22 2005
MD5 Checksum: f1eb60baaa656bb670be1bb0a390c3a1

File Name: BluezHCIDpwned.txt
Description: Document that outlines an exploitable scenario for hcid using the popen() bug in security.c. This was written in response to a claim that the bluez vulnerability was quite trivial.
Author: Kevin Finisterre | File Size: 6517 | Last Modified: Aug 18 03:48:10 2005
MD5 Checksum: b72ff079514eeeedc49d026f205fb05b

File Name: bypassing-win-heap-protections.pdf
Description: Whitepaper detailing a new way to bypass Microsoft Windows heap protection mechanisms. The methodology explained here is different from the method introduced by Alexander Anisimov.
Author: Nicolas Falliere | File Size: 89925 | Last Modified: Aug 17 02:58:28 2005
MD5 Checksum: bbe8f8d36f5ad8e3f1c34915ce9660aa

File Name: httpsplit.txt
Description: This technical note describes a detection/prevention technique that works in many cases both with HTTP Response Splitting and with HTTP Request Smuggling.
Author: Amit Klein | File Size: 10124 | Last Modified: Aug 17 02:30:51 2005
MD5 Checksum: 6dd02db0137701d3c42986ed49b1c661

File Name: Return-to-libc.txt
Description: Cool whitepaper discussing the return-into-libc attacks used to bypass non-executable stacks.
Author: c0ntex | File Size: 9150 | Last Modified: Jul 21 02:07:01 2005
MD5 Checksum: 2cdf9eb2ba348d35e4923412c4b6b7e8

File Name: javascriptFun.txt
Description: This tutorial is an overview of how JavaScript can be used to bypass HTML forms and how it can be used to override cookie/session authentication.
Author: Dr_aMado | File Size: 8733 | Last Modified: May 7 04:57:10 2005
MD5 Checksum: 9dff177e25d94281c9a2dab498241834

File Name: zk-blind.txt
Description: White paper discussing blind injection in MySQL databases.
Author: Zeelock | File Size: 8159 | Last Modified: Feb 25 00:12:46 2005
MD5 Checksum: 53bf8afed972125094b75a5e6086a67a

File Name: defeating-xpsp2-heap-protection.pdf
Description: The MaxPatrol team has discovered that it is possible to defeat Microsoft Windows XP SP2 heap protection and data execution prevention mechanisms. Full analysis with code provided.
Author: Alexander Anisimov | Homepage: http://www.ptsecurity.com/ | File Size: 91734 | Last Modified: Jan 29 03:27:55 2005
MD5 Checksum: acfd948da84a412b6743310864395ea6

File Name: lkbackdoor.tar.gz
Description: Small paper describing how to add a quick backdoor into the setuid code for the Linux 2.4 kernel series.
Author: Michal Stys | File Size: 1120 | Last Modified: Nov 12 19:06:53 2004
MD5 Checksum: 74bad9990e8c7f8f46b2aeeeb4e5d543

File Name: PolymorphicEvasion.txt
Description: White paper discussing ways to evade detection of polymorphic shellcode.
Author: Phantasmal Phantasmagoria | File Size: 44008 | Last Modified: Oct 12 23:00:17 2004
MD5 Checksum: 798854f1dbbd63d23ab7f71eed64c0db

File Name: keylog.txt
Description: Small white paper regarding keyloggers and basic circumvention.
Author: priestmaster | Homepage: http://www.priestmaster.org | File Size: 2368 | Last Modified: Sep 9 23:58:10 2004
MD5 Checksum: c57a57587c61465fbe82503b216368b8

File Name: 0x00_vs_ASP_File_Uploads.pdf
Description: White paper covering the topic of upload systems written in ASP. Many upload systems written in ASP suffer from a common problem whereby a NULL byte can be inserted into the filename parameter, causing any extension after the null byte to be ignored when the file is written. This means that in some cases it is possible to bypass checks for valid extensions, even if one is appended by the application.
Author: Brett Moore SA | Homepage: http://www.security-assessment.com | File Size: 139745 | Last Modified: Jul 13 08:52:00 2004
MD5 Checksum: cad2ad76c53cad21e6285f854026b213

File Name: Blind_XPath_Injection_20040518.pdf
Description: This paper describes a Blind XPath Injection attack that enables an attacker to extract a complete XML document used for XPath querying, without prior knowledge of the XPath query.
Author: Amit Klein | Homepage: http://www.sanctuminc.com | File Size: 46391 | Last Modified: May 19 21:03:40 2004
MD5 Checksum: e7b01772daac419ef8451d1e2780969c

File Name: SSLPCT.txt
Description: White paper analysis of the SSL PCT vulnerability. Gives full details on how exploitation has been performed and what it took for working exploits to be created.
Author: Juliano Rizzo | Related Exploit: THCIISSLame.c | File Size: 8986 | Last Modified: May 3 19:16:07 2004
MD5 Checksum: aae6021952f7f660540073da5b8d4fdf

File Name: SQL_Injection_Evasion.pdf
Description: A white paper from the Imperva Application Defense Center entitled 'SQL Injection Signature Evasion'. This paper discusses how protecting against SQL injection attacks using signatures is not enough.
Author: Ofer Maor, Amichai Shulman | Homepage: http://www.imperva.com/adc/papers/sigevasion | File Size: 223853 | Last Modified: Apr 19 05:08:00 2004
MD5 Checksum: b99e854ee042979fc6db7a6e1ef30870

File Name: bypassEPA.pdf
Description: Article discussing how to bypass the Execution Path Analysis used by the PatchFinder utility, avoiding Windows 2k/XP rootkit detection.
Author: Edgar Barbosa | File Size: 108266 | Last Modified: Feb 16 15:09:00 2004
MD5 Checksum: 1b7c12d5a2c92ff9de2469db1560d07a

File Name: Low-Level_Enumeration_With_TCP.txt
Description: A thorough paper covering SYN, FIN, Null, Xmas, Idle, and Zombie scanning. It compares and contrasts the methodologies used to determine open ports on a host and to detect the remote operating system. It shows example scans and discusses IP enumeration along with the use of tools like hping2 and nmap to dig deeper.
Author: djrand | File Size: 24862 | Last Modified: Nov 20 17:18:57 2003
MD5 Checksum: b6208ca85ecb6519c410aae4f4e3615e