Oh look! Another data-leak, this was was pretty bad as it contained plain-text passwords (who on earth doesn’t hash their passwords in the DB in 2011?!). Anyway this time it was a Groupon subsidary – Sosata.com which managed to leak the e-mail addresses and plain-text passwords for 300,000 users AND on top of that, Google […]
Archives for June 2011
Metasploitable – Test Your Metasploit Against A Vulnerable Host
Ok so you’ve got Metasploit loaded up, you’ve read the Metasploit Tutorials & Watched the Videos – but you’ve still got no idea what to do next and don’t have anything to test against. It’s not exactly new, but I guess a lot of people still don’t know about it. Basically if you don’t know […]
ksymhunter – Routines For Hunting Down Kernel Symbols
Routines for hunting down kernel symbols from from kallsyms, System.map, vmlinux, vmlinuz, and remote symbol servers. Examples:
1 2 3 4 |
$ ./ksymhunter prepare_kernel_cred [+] trying to resolve prepare_kernel_cred... [+] resolved prepare_kernel_cred using /boot/System.map-2.6.38-gentoo [+] resolved prepare_kernel_cred to 0xffffffff81061060 |
And..
1 2 3 4 |
$ ./ksymhunter commit_creds [+] trying to resolve commit_creds... [+] resolved commit_creds using /boot/System.map-2.6.38-gentoo [+] resolved commit_creds to 0xffffffff81060dc0 |
You can download ksymhunter v1.0 here: ksymhunter.tar.gz Or read more here.
Hackers Exploiting Latest Adobe Flash Bug On Large Scale
It’s very out of character for Adobe – but they’ve actually released two out of band patches in the last week or so. They’ve had to patch 4 times in the past 2 months – that’s a total of 6 times in 2011 so far – with 5 out of those 6 being for critical […]
Zed Attack Proxy – ZAProxy v1.3.0 Released – Integrated Penetration Testing Tool
It’s been a while since the last time we wrote about the OWASP ZAP – Zed Attack Proxy for Web Application Penetration Testing, back in October 2010. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range […]