Wednesday, April 23rd, 2008
GNU’s wget command line program for downloading is very popular, and not without reason. While you can use it simply to retrieve a single file from a server, it is much more powerful than that and offers many more features.
One of the more advanced features in wget is the mirror ...
Posted in Coding, Internet, Linux | No Comments
Monday, April 21st, 2008
Almost everyone knows what CSRF or better unauthorized requests are. I never really embraced CSRF as the correct term for unauthorized request issues, because the term is outdated and inadequate to contemporary hacking. For me, an unauthorized request is the layer or automation of a hacking procedure without direct interference ...
Posted in Internet, Privacy, Security | No Comments
Monday, April 21st, 2008
In a security alert last week, Microsoft reported a vulnerability which allows local users and users signed on with access to an Internet Information Server (IIS) or MS SQL server to escalate their privileges. Server operators such as hosting providers who allow user code to be executed, for example on ...
Posted in Coding, Privacy, Security, Windows | No Comments
Friday, April 18th, 2008
The e-mail message addressed to a Booz Allen Hamilton executive was mundane—a shopping list sent over by the Pentagon of weaponry India wanted to buy. But the missive turned out to be a brilliant fake. Lurking beneath the description of aircraft, engines, and radar equipment was an insidious piece of ...
Posted in Internet, Privacy, Security | No Comments
Friday, April 18th, 2008
A demonstration of a security hole in the Microsoft Works Image Server (WkImgSrv.dll) ActiveX module contained in the Microsoft Works office suite has appeared on the Bugtraq mailing list. The demo appears to only cause a system crash. McAfee, however, has already found fully functional exploits which allow attackers to ...
Posted in Coding, Security, Windows | No Comments
Friday, April 4th, 2008
We have been noticing quite a few malware samples having references to or communicating with Google's SMTP servers. This post dissects one of these samples and in the process attempts to illustrate to the reader some reversing techniques and information gathering techniques, while explaining the behavior and impact of this ...
Posted in Coding, Internet, Privacy, Security, Software | No Comments
Saturday, March 8th, 2008
A new worm has been discovered exploiting the ISS/PAM ICQ module vulnerability. The worm payload is contained in a single 1025-byte UDP packet with a fixed source port of 4000 and a random destination port. Only the first 470 bytes of the payload are the working code of the worm; ...
Posted in Security | No Comments
