Howdy all! Today we’re going to go through some malware straight out of the armpit of the world – Syria. There are of course hurdles to this – namely language barriers. A lot of code I run into has Arabic characters, but the code is functionally the same. As you may (or not) know, there is […]
The other day a colleague of mine asked how I keep my web server secure, short of keeping up to date on patches and shit. This is what I told em – you can fool a lot of people if you know what you’re doing with your server. Automated tools identify server software by the […]
I love C. It was the first language I learned. Any other security professional will tell you, C is the bomb, but by the same token, a source of a lot of headache. To anyone out there aspiring to be a security professional, get to know C and assembly. C lets you inline assembly […]
Hello fellow readers! I thought I’d be nice and upload my talk slides as well as the code used and video. Slides Code Video Enjoy!
Hello again loyal readers! I have a treat for you. I encountered an exploit kit while doing my malware thing and decided to try and get a better idea of what is going on start to finish. I watched a machine get exploited and fired up Wireshark to watch: GET http://184.108.40.206/2b01554de28f018745855a41166494db/lately-duplicate.php HTTP/1.1 Accept: image/gif, image/x-xbitmap, […]
Hello everyone and happy new year. PCI compliance requires CC’s be encrypted, yet every other online store I’ve encountered STORES the ENCRYPTION KEY on the box, usually somewhere in the store’s code. What’s the point? Who does this deter? Even if the CC’s are encrypted, what’s to stop someone from just grabbing the CC’s and […]
They don’t make sites like they used to anymore. Seems more people are security conscious. I say this because when I look to the past, I found hacking sites and servers a little easier. Example: What happened? I don’t think things are any easier / harder. I think error messages are just turned off by […]
I wanted a backdoor in ColdFusion that didn’t make use of cfexecute because it’s usually either watched like a hawk, or disabled outright. You can download it here.
I have 3 new 0days. A remote code exec in a web server, an admin bypass in a mail server, and a crappy XSS in some helpdesk webapp. I’ve alerted the proper people a couple weeks back. They have another couple weeks left to patch before I go public and all the fun begins. Expect […]
Well, now that my fuzzer is done and my APB hack tool is done, all I have to do now is finish my file duplicate finder. I’ve given some thought to other fuzzer tools that still need to be created such as a Web Services fuzzer. I haven’t seen anything like that come my way […]