Archive | Windows Hacking


08 February 2011 | 10,681 views

Proxocket – DLL Proxy For Winsock

Proxocket is a dll proxy project for the main Winsock functions which allows to capture any type of packet and data sent/received by a specific software of your choice and optionally modifying its content or the connect, bind and accept functions through a custom dll very easy to create. Proxocket handles the following functions for [...]

Continue Reading


20 January 2011 | 15,131 views

Java Based Cross Platform Malware Trojan (Mac/Linux/Windows)

It’s pretty rare to read about malware on the Linux or Mac OSX platforms and even more rare to read about cross-platform malware which targets both AND Windows by using Java. A neat piece of coding indeed, it targets vulnerabilities in all 3 operating systems – the sad thing? The malware itself is vulnerable to [...]

Continue Reading


04 January 2011 | 9,693 views

Internet Explorer Zero-Day Accidentally Leaked To Chinese Hackers

First up, happy new year – let’s hope 2011 is an interesting year for the infosec community. Anyway today’s story is about the recently released tool cross_fuzz by Michal Zalewski and an inadvertent leak that have occurred. tl;dr version is something like this: Michal Zalewski writes a DOM fuzzer, fuzzes IE, finds flaws, Chinese dudes [...]

Continue Reading


29 December 2010 | 9,338 views

IOCTL Fuzzer v1.2 – Fuzzing Tool For Windows Kernel Drivers

IOCTL Fuzzer is a tool designed to automate the task of searching vulnerabilities in Windows kernel drivers by performing fuzz tests on them. The fuzzer’s own driver hooks NtDeviceIoControlFile in order to take control of all IOCTL requests throughout the system. While processing IOCTLs, the fuzzer will spoof those IOCTLs conforming to conditions specified in [...]

Continue Reading


30 November 2010 | 9,478 views

Windows Vista & Windows 7 Kernel Bug Can Bypass UAC

Now this is not the first time Windows UAC has hit the news for being flawed, back in February 2009 it was discovered that Windows 7 UAC Vulnerable – User Mode Program Can Disable User Access Control and after that in November 2009 it was demonstrated that Windows 7 UAC (User Access Control) Ineffective Against [...]

Continue Reading


17 November 2010 | 14,718 views

TDL AKA Alureon Rootkit Now Infecting 64-Bit Windows 7 Platform

As we’ve come to expect, the malware guys are always at the leading edge of technological development. Now there are rootkits infecting 64-Bit versions of Windows, which have been thought of as fairly safe by most parties. The rootkit in questions is a fairly well known variant (TDL/Alureon) and has been around for several years, [...]

Continue Reading


29 October 2010 | 17,067 views

Critical 0-day Vulnerability In Adobe Flash Player, Reader & Acrobat

Well this seems to be a frequently recurring theme, yes there is yet another critical 0day vulnerability in Adobe products – pretty much across the board this time. It was that long ago that a critical flaw in Flash put Android phones at risk. The core vulnerability exists in Flash but it’s being actively exploited [...]

Continue Reading


18 October 2010 | 10,015 views

USBsploit 0.3b – Generate Reverse TCP Backdoors & Malicious .LNK Files

PoC to generate Reverse TCP backdoors (x86, x64, all ports), running Autorun or LNK USB infections, but also dumping all USB files remotely on multiple targets at the same time. USBsploit works through Meterpreter sessions with a light (27MB) modified version of Metasploit. The interface is a mod of SET (The Social Engineering Toolkit). The [...]

Continue Reading


14 October 2010 | 14,074 views

Windows Credentials Editor v1.0 – List, Add & Edit Logon Sessions

Windows Credentials Editor (WCE) allows to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes). This can be used, for example, to perform pass-the-hash on Windows and also obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.) which can be used in further attacks. Supported Platforms [...]

Continue Reading


12 October 2010 | 8,888 views

Exploit Next Generation SQL Fingerprint (ESF) – MS-SQL Server Fingerprinting Tool

SQL Server fingerprinting can be a time consuming process. It involves a lot many trial and error methods to fingerprint the exact SQL Server version. Intentionally inserting an invalid input to obtain a typical error message or using certain alphabets that are unique for a certain server are two of the ways to possibly fingerprint [...]

Continue Reading