Monday, May 5th, 2008
Today I decided to give a very brief example on pharming and why it's so easy to pharm surfers with little or no skills. Usually, browser exploit writers give simple examples on how to read the boot files, or launch a calculator. There is so much you can do with ...
Posted in Coding, Internet, Privacy, Security | No Comments
Tuesday, April 22nd, 2008
Following a friendly heads up from someone yesterday morning, I re-loaded the
following Kraken samples into my honeypot:
1d51463150db06bc098fef335bc64971
65b958bf6f5eddca3d9455354af08b6f
6ec7d67d5553cbec2a99c7fbe385a729
7ecef2f126e66e7270afa7b803f715bc
8fd8c67103ec073d9303a7fbc702f89a
and began monitoring them. Each sample proceeded to update itself;
the updated binary is around 160KB, given a random name and
placed in the system32 directory, and no longer has an imagefile icon.
The names/MD5 values of ...
Posted in Coding, Internet, Privacy, Security | No Comments
Monday, April 21st, 2008
Almost everyone knows what CSRF or better unauthorized requests are. I never really embraced CSRF as the correct term for unauthorized request issues, because the term is outdated and inadequate to contemporary hacking. For me, an unauthorized request is the layer or automation of a hacking procedure without direct interference ...
Posted in Internet, Privacy, Security | No Comments
Thursday, April 17th, 2008
I’m not a Windows Vista fan. In fact, my new PC runs on XP, but uses OpenSource applications for most of my business needs. So why do I even care about a trick to get sluggish Vista browsing back to an acceptable speed? My mom uses Vista, and I love ...
Posted in Internet, Networking, Windows | No Comments
Tuesday, April 15th, 2008
Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to ...
Posted in Internet, Privacy, Security, Software | No Comments
