Items Tagged with "Hacking"


D8853ae281be8cfdfa18ab73608e8c3f

Bypassing TrendMicro's Service Protections

August 20, 2012 Added by:Rob Fuller

It's injecting our payload into the service binary and tossing our payload into "rundll32.exe" at run time on the victim. Lets change this so it doesn't do any injection and just executes a binary. That removes the 'injection' piece and hopefully lets us get our shell...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Metasploitable 2.0 Tutorial pt 3: Gaining Root from a Vulnerable Service

August 17, 2012 Added by:Dan Dieterle

There are numerous Metasploitable how-to’s out there, but a lot of them focus on the standard services. In real life, which is the service that will most likely go unpatched? The main web server or some secondary service that was installed for a project and then forgotten about? So let’s get started...

Comments  (1)

1de705dde1cf97450678321cd77853d9

Breaking Into Security: Planet Earth Edition

August 14, 2012 Added by:Ian Tibble

As a pentest guru wannabe, you may possess extremely high levels of fuzzing, exploit coding, and reversing skills, but you will never get to use them and you will intimidate most interviewers. There are easier ways to break into systems. Security is insufficiently mature in most organizations to warrant pentesting...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Metasploitable 2.0 Tutorial pt 2: Scanning for Network Services

August 14, 2012 Added by:Dan Dieterle

Okay, we put in 192.168.12.20 and it scanned it and returned the version of Samba that was running on it. But what if we wanted to scan the whole network for just systems running Samba. This is where the beauty of the RHOSTS command comes into play. Instead of just scanning the single host, let’s scan all 256 clients...

Comments  (0)

1789975b05c7c71e14278df690cabf26

The Hacker Highschool Project

August 14, 2012 Added by:Pete Herzog

We need to get teenagers to realize how small they are in a big field. Hacking is a huge field and the one who knows the most about how things work is going to be the most powerful. That teaches students to respect that small bit of power they get from the lessons and to keep teaching things to themselves...

Comments  (1)

800ca77bf7ad76b2a830356569e524b7

How to Fight and Win the New Cyberwar

August 13, 2012

We are losing the cyberwar. What we are doing now not won't work and can't work because the net-centric defense approach is fundamentally flawed. This presentation includes a history of the battlefield because it's important to understand how we got in this mess in order for us to craft an effective solution...

Comments  (5)

69dafe8b58066478aea48f3d0f384820

Yourikan Claims Ninety-One Iranian Websites Hacked

August 07, 2012 Added by:Headlines

Pro-Israeli hacker Yourikan (you-r!-k@n) is claiming to have hacked and defaced as many as ninety-one Iranian websites including government, education and business targets in protest of Iran's continued pursuit of nuclear weapons and support for terrorist activities targeting Israel...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Billions of Hashes per Second with Multiforcer Password Cracker

August 07, 2012 Added by:Dan Dieterle

So what does it take to reach cracking speeds topping 154 Billion hashes per second with multiple hashes? The tool was created to help out pentesters who need to crack passwords, but can not submit hashes obtained to online cracking programs due to auditing agreement restrictions...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Metasploitable 2.0 Tutorial: Checking for Open Ports with Nmap

August 03, 2012 Added by:Dan Dieterle

I mentioned recently that we would take a closer look at Metasploitable 2.0, the purposefully vulnerable Linux virtual machine used for learning security tactics and techniques. In this intro, we will quickly cover obtaining Metasploitable 2.0 and scanning it for open ports and services...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Red Flag On Biometrics: Iris Scanners Can Be Tricked

August 02, 2012 Added by:Electronic Frontier Foundation

Among all the various biometric traits that can be measured for machine identification, the iris is generally regarded as being the most reliable. Yet Galbally’s team of researchers has shown that even the method traditionally presumed to be foolproof is actually quite susceptible to being hacked...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

How to Avoid SQL Injection Attacks

August 02, 2012

"SQL injection is a code injection technique that exploits a vulnerability in a website's software. The vulnerability happens when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed...."

Comments  (0)

7c5c876d1933023ac375eead04302e1a

Un-Ninja the NinjaTel Phone

August 01, 2012 Added by:Boris Sverdlik

For the lucky few that did get the phone, you will be happy to know that the phone has been rooted, but the bootloader is locked. In order to get to any of the settings all that was required was pulling up the IDE app in an area where the phone couldn't connect to any of the pre-installed wireless access points...

Comments  (5)

Cb9aade927a0abf5b0bbdd2a4aaf8716

Leveraging Regular User Accounts to Achieve Compromise

July 31, 2012 Added by:Jake Garlie

One of the more common ways pentesters break in to networks is by leveraging regular user accounts which have been compromised. They can be used in various ways to compromise systems, data, applications, and more. Once valid user accounts are obtained, using them throughout the network rarely triggers any alarms...

Comments  (0)

6d117b57d55f63febe392e40a478011f

BlackHat 2012: Dave Porcello Discusses the Power Pwn

July 30, 2012

Dave Porcello, Founder and CEO of Pwnie Express discusses the recently released Power Pwn, a fully-integrated enterprise-class penetration testing platform, covering the entire spectrum of a full-scale pentesting engagement, from the physical-layer to the application-layer...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Power Pwn and DARPA Programs for Developing Hacking Tools

July 23, 2012 Added by:Pierluigi Paganini

Network analysis has never been easier. Power Pwn, which looks like a surge protector, can be controled remotely via Wi-Fi, Bluetooth, and Ethernet as it searches for network weaknesses. It’s fully manageable via a Web interface accessible through the unit's 3G radio or directly to the device via text message...

Comments  (2)

71d85bb5d111973cb65dfee3d2a7e6c9

DEUCE: Bypassing DLP with Cookies

July 19, 2012 Added by:f8lerror

DEUCE went from simple concept to a multi-encoding and encryption DLP bypass tool. The program simply takes an input file and creates a cookie for each line. DEUCE has the ability to encrypt via AES, hash with MD5 or use a custom multi-encode with a 3 times replacement cipher...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »