Section: .. / papers / bypass /
| /// File Name: |
ThePharmingGuide.pdf |
Description:
|
Exploiting well known flaws in DNS services and the way in which hostnames are resolved to IP addresses, Phishers have upped the ante in the cyberwar for control of a customer's online identity for financial gain. A grouping of attack vectors now referred to as "Pharming", affects the fundamental way in which a customer's computer locates and connects to an organizations online offering. This paper, extending the original material of "The Phishing Guide", examines in depth the workings of the name services of which Internet-based customers are dependent upon, and how they can be exploited by Pharmers to conduct identity theft and financial fraud on a massive scale.
| | Author: | NGSSoftware Insight Security Research | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 1611352 | | Last Modified: | Aug 25 01:16:22 2005 |
| MD5 Checksum: | f1eb60baaa656bb670be1bb0a390c3a1 |
|
| /// File Name: |
Bypassing_NAC_Solutions_Whitepaper...> |
Description:
|
Bypassing network access control (NAC) systems - This whitepaper examines the different strategies used to provide network access controls. The flaws associated with the different network access control (NAC) solutions are also presented. These flaws allow the complete bypass of each and every NAC mechanism currently offered on the market.
| | Author: | Ofir Arkin | | Homepage: | http://www.insightix.com/resources/whitepapers/bypassing.aspx | | File Size: | 889707 | | Last Modified: | Sep 26 19:28:58 2006 |
| MD5 Checksum: | 7d510a73435ecac3bb94797d2379039f |
|
| /// File Name: |
Cisco_IOS_Exploitation_Techniques.p..> |
Description:
|
It has been more than a year since Michael Lynn first demonstrated a reliable code execution exploit on Cisco IOS at Black Hat 2005. Although his presentation received a lot of media coverage in the security community, very little is known about the attack and the technical details surrounding the IOS check_heaps() vulnerability. This paper is a result of research carried out by IRM to analyze and understand the check_heaps() attack and its impact on similar embedded devices.
| | Author: | Gyan Chawdhary | | Homepage: | http://www.irmplc.com/ | | File Size: | 596924 | | Last Modified: | Jun 27 20:28:17 2007 |
| MD5 Checksum: | de1e5098e579eb286a1dbc30729d80a5 |
|
| /// File Name: |
Creating_Backdoors_in_Cisco_IOS_usi..> |
Description:
|
This short technical briefing describes a technique using Tcl to create a backdoor within IOS that would allow a remote attacker to execute privileged commands on a networking device.
| | Author: | Andy Davis - IRMPLC | | Homepage: | http://www.irmplc.com/ | | File Size: | 538499 | | Last Modified: | Nov 27 22:35:11 2007 |
| MD5 Checksum: | c36b7968fecc31dca537fcdf4e5975d8 |
|
| /// File Name: |
exploiting-rpc.pdf |
Description:
|
Paper describing how to reuse dumped portmapper data on one machine in order to still make use of rpc services on a remote machine without portmapper being exposed.
| | Author: | David Routin | | File Size: | 465941 | | Last Modified: | Apr 19 01:03:21 2007 |
| MD5 Checksum: | 5f99244bffdda5a0293024b78fe24c9d |
|
| /// File Name: |
Monografia_Rodrigo.pdf |
Description:
|
Whitepaper discussing intrusion detection system evasion. It specifically focuses on polymorphic attacks using scmorphism. This document is written in Brazilian Portuguese.
| | Author: | Rodrigo Rubira Branco | | Homepage: | http://www.bsdaemon.org | | File Size: | 388465 | | Last Modified: | May 6 17:18:32 2006 |
| MD5 Checksum: | bece5c8d229c43ace859d0f1a227b70f |
|
| /// File Name: |
WLSI.zip |
Description:
|
Whitepaper entitled "WLSI - Windows Local Shellcode Injection" that describes a new technique to create 100% reliable local exploits for Microsoft Windows operating systems. The technique uses some Windows design weaknesses that allow low privileged processes to insert data into almost any Windows process regardless of their current privilege level. After a brief introduction and a description of the technique, a couple of samples (Exploits for MS05-012 and MS05-040) are included so the reader will be enabled to write their own exploits.
| | Author: | Cesar Cerrudo | | Homepage: | http://www.argeniss.com/ | | File Size: | 264525 | | Last Modified: | Mar 14 23:22:33 2006 |
| MD5 Checksum: | e6e381e24020aea49b16759a19981d23 |
|
| /// File Name: |
SQL_Injection_Evasion.pdf |
Description:
|
A white paper from the Imperva Application Defense Center entitled 'SQL Injection Signature Evasion'. This paper discusses how protecting against SQL injection attacks using signatures is not enough.
| | Author: | Ofer Maor,Amichai Shulman | | Homepage: | http://www.imperva.com/adc/papers/sigevasion | | File Size: | 223853 | | Last Modified: | Apr 19 05:08:00 2004 |
| MD5 Checksum: | b99e854ee042979fc6db7a6e1ef30870 |
|
| /// File Name: |
sql-inject.pdf |
Description:
|
Whitepaper discussing uncommon SQL injection attacks.
| | Author: | N3T D3VIL | | File Size: | 159732 | | Last Modified: | Aug 15 00:01:30 2007 |
| MD5 Checksum: | 3ccee41b5d5a4751f2955084693506be |
|
| /// File Name: |
ids_evasion_oracle_sqlnet.pdf |
Description:
|
Write up discussing Oracle database IDS evasion techniques for SQL*Net.
| | Author: | Joxean Koret | | File Size: | 143377 | | Last Modified: | Aug 27 19:40:24 2006 |
| MD5 Checksum: | d59cda5242ec3439f74c6f7b13fb69ad |
|
| /// File Name: |
0x00_vs_ASP_File_Uploads.pdf |
Description:
|
White paper covering the topic of upload systems written in ASP. Many upload systems written in ASP suffer from a common problem whereby a NULL byte can be inserted into the filename parameter leading to any extension, after the null byte, being ignored when writing the file. This means that in some cases it is possible to bypass checks for valid extensions, even if one is appended by the application.
| | Author: | Brett Moore SA | | Homepage: | http://www.security-assessment.com | | File Size: | 139745 | | Last Modified: | Jul 13 08:52:00 2004 |
| MD5 Checksum: | cad2ad76c53cad21e6285f854026b213 |
|
| /// File Name: |
sybase-bypass.pdf |
Description:
|
Whitepaper discussing Sybase SQL injection and bypassing mod_security. Written in German.
| | Author: | T. Kerbl | | Homepage: | http://www.sec-consult.com/ | | File Size: | 131934 | | Last Modified: | Aug 18 20:02:00 2008 |
| MD5 Checksum: | 2b5e62af1a1d46a6e397815bc096a922 |
|
| /// File Name: |
bypassEPA.pdf |
Description:
|
Article discussing how to bypass the Execution Path Analysis used by the PatchFinder utility, avoiding Windows 2k/XP rootkit detection.
| | Author: | Edgar Barbosa | | File Size: | 108266 | | Last Modified: | Feb 16 15:09:00 2004 |
| MD5 Checksum: | 1b7c12d5a2c92ff9de2469db1560d07a |
|
| /// File Name: |
defeating-xpsp2-heap-protection.pdf |
Description:
|
The MaxPatrol team has discovered that it is possible to defeat Microsoft Windows XP SP2 heap protection and data execution prevention mechanisms. Full analysis with code provided.
| | Author: | Alexander Anisimov | | Homepage: | http://www.ptsecurity.com/ | | File Size: | 91734 | | Last Modified: | Jan 29 03:27:55 2005 |
| MD5 Checksum: | acfd948da84a412b6743310864395ea6 |
|
| /// File Name: |
bypassing-win-heap-protections.pdf |
Description:
|
Whitepaper detailing a new way to bypass Microsoft Windows heap protection mechanisms. The methodology explained here is different from the method introduced by Alexander Anisimov.
| | Author: | Nicolas Falliere | | File Size: | 89925 | | Last Modified: | Aug 17 02:58:28 2005 |
| MD5 Checksum: | bbe8f8d36f5ad8e3f1c34915ce9660aa |
|
| /// File Name: |
no-nx.pdf |
Description:
|
x86-64 buffer overflow exploits and the borrowed code chunk exploitation technique. Whitepaper describing NX technology and its limitations. It contains in depth discussion and sample code for the Hammer/Linux platform, analyzes the weaknesses and discusses countermeasures.
| | Author: | Sebastian Krahmer | | File Size: | 84050 | | Last Modified: | Oct 6 00:32:54 2005 |
| MD5 Checksum: | 8df650e08759b301398f03475970e1b2 |
|
| /// File Name: |
w32.bypass.abstract.en.pdf |
Description:
|
This document is a technical abstract of paper "Win32/Bypass: Anulando la deteccion de ficheros". The main objective is to explain techniques used to bypass security measures of many antivirus programs.
| | Author: | FraMe | | Homepage: | http://www.kernelpanik.org/ | | File Size: | 82126 | | Last Modified: | Mar 20 01:07:01 2007 |
| MD5 Checksum: | daee698ea86fd64cb575a08fc75d866f |
|
| /// File Name: |
HostFingerprinting.pdf |
Description:
|
Host Fingerprinting and Firewalking With hping - This paper discusses some of the techniques that can be effectively used in host fingerprinting, especially when a host is behind a firewall. Various tools are discussed with hping as a primary focus.
| | Author: | Naveed Afzal | | File Size: | 46668 | | Last Modified: | Nov 30 13:37:55 2005 |
| MD5 Checksum: | 3e2bea990221c86fe51e24c4388388c4 |
|
| /// File Name: |
Blind_XPath_Injection_20040518.pdf |
Description:
|
This paper describes a Blind XPath Injection attack that enables an attacker to extract a complete XML document used for XPath querying, without prior knowledge of the XPath query.
| | Author: | Amit Klein | | Homepage: | http://www.sanctuminc.com | | File Size: | 46391 | | Last Modified: | May 19 21:03:40 2004 |
| MD5 Checksum: | e7b01772daac419ef8451d1e2780969c |
|
| /// File Name: |
Top_10_Ajax_SH_v1.1.pdf |
Description:
|
Whitepaper entitled "Top 10 AJAX Security Holes And Driving Factors".
| | Author: | Shreeraj Shah | | File Size: | 44884 | | Last Modified: | Dec 6 00:48:51 2006 |
| MD5 Checksum: | 038020f7d532137619a96c59296463db |
|
| /// File Name: |
PolymorphicEvasion.txt |
Description:
|
White paper discussing ways to evade detection of polymorphic shellcode.
| | Author: | Phantasmal Phantasmagoria | | File Size: | 44008 | | Last Modified: | Oct 12 23:00:17 2004 |
| MD5 Checksum: | 798854f1dbbd63d23ab7f71eed64c0db |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
