Archive | August, 2010


30 August 2010 | 5,537 views

China Policy Could Shut Out Foreign Security Firms

China catches a lot of flack in the infosec World, mostly for being suspected of cyber-terrorism and for propagating nasty malware. Lately things have been getting more political especially during their tussle with Google over the whole ‘search freedom’ issue and censorship. The latest is that they are starting to check for compliance on a [...]

Continue Reading


26 August 2010 | 7,692 views

WinAppDbg – Python Instrumentation Scripting/Debugging Tool For Windows

The WinAppDbg python module allows developers to quickly code instrumentation scripts in Python under a Windows environment. It uses ctypes to wrap many Win32 API calls related to debugging, and provides an object-oriented abstraction layer to manipulate threads, libraries and processes, attach your script as a debugger, trace execution, hook API calls, handle events in [...]

Continue Reading


25 August 2010 | 10,584 views

Windows Binary Planting DLL Preloading/Hijacking Bug

The big news that is turning the infosec world inside out this week is about a new DLL pre-loading/hijacking bug which effects more than 200 Windows applications including some produced by Microsoft itself. The basis of this exploit is the way in which Windows works and how it loads DLL files used by many applications, [...]

Continue Reading


23 August 2010 | 10,543 views

DotDotPwn v1.0 – Directory Traversal Checker/Scanning Tool

A simple PERL tool which detects several Directory Traversal Vulnerabilities on HTTP/FTP Servers. This AttackDB version currently has 871 traversal payloads. This tool was tested against various Kolibri+ WebServer v2.0 and Gefest WebServer v1.0 (HTTP servers) giving good results identifying the right vulnerability strings. Those HTTP servers were vulnerable, and somebody reported those vulns on [...]

Continue Reading


20 August 2010 | 7,743 views

Intel Acquires Security Specialist McAfee For $7.68bn

We’ve seen a trend in recent years, especially in the technology sector of acquisitions and consolidations. It’s been something Microsoft has been doing for a long time, acquiring smaller niche companies to improve/supplement their existing product lines. In recent years the trends has shifted towards web services and of course security, many smaller security companies [...]

Continue Reading


19 August 2010 | 17,450 views

Tshark – Network Protocol Analyzer & Traffic Dumper

Tshark is actually part of the Wireshark package, and has some similar functionality. It does some cool stuff though so I thought it’s worthy of its own post. TShark is a network protocol analyzer. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing [...]

Continue Reading


17 August 2010 | 11,998 views

Serious Vulnerability In Adobe ColdFusion Application Server

We haven’t often reported anything relating to ColdFusion, the application server from Adobe, most likely because it’s not a very prevalent hosting platform. It was quite popular earlier in the decade before PHP became so popular, the choices back then were early versions of ASP, JSP and CFM. We’ve only posted one tool related to [...]

Continue Reading


16 August 2010 | 22,189 views

RSMangler – Keyword Based Wordlist Generator For Bruteforcing

RSMangler will take a word list and perform various manipulations on it similar to those done by John the Ripper with a few extras. It goes along well with our previous post on Password Cracking Wordlists and Tools for Brute Forcing. There are other options too like Wyd – Automated Password Profiling Tool, which is [...]

Continue Reading


13 August 2010 | 9,488 views

Dangerous iPhone iOS JailBreak Exploit Goes Public

Apple just released a patch for iOS that fixes the vulnerability that was being used by JailbreakMe website to exploit a weakness in PDF handling to Jailbreak the device. Shortly after that the developer of the JailbreakMe exploit released the code to the public via GitHub. The code is available in full here: http://github.com/comex/star But [...]

Continue Reading


12 August 2010 | 7,225 views

BitBlaze – Binary Analysis Platform For Computer Security

Binary analysis is imperative for protecting COTS (common off-the-shelf) programs and analyzing and defending against the myriad of malicious code, where source code is unavailable, and the binary may even be obfuscated. Also, binary analysis provides the ground truth about program behavior since computers execute binaries (executables), not source code. However, binary analysis is challenging [...]

Continue Reading