Now it was only last month when everyone was wrapped up in the MS12-020 RDP Exploit Code In The Wild issue. As it turns out, Microsoft have been hiding some more serious security issues under the carpet. Apparently attackers are already exploiting the MS12-027 flaw in ActiveX in the wild – although Microsoft of course […]
Archives for 2012
Carbylamine – A PHP Script Encoder to ‘Obfuscate/Encode’ PHP Files
Carbylamine is a PHP Encoder project, which can bypass all leading anti-virus detection against PHP Shells (C99, R57 etc) easily. It can be a very efficient tool for pen-testers when carrying out a black box test which involves inserting malicious code via PHP. Usage
1 |
carbylamine.php [file to encode] [output file] |
You can download Carbylamine here: carbylamine.php Or read more here.
Server Migration – Moved To Linode! And Changed To Nginx/PHP-FPM/APC/W3TC
So lately I’ve being doing a lot more DevOps stuff than security stuff and I’m pretty much enjoying it (apart from some of the tedious sys-admin stuff). So with some of the new stuff I’ve learnt along the way, I decided to move Darknet from a rather bloated managed VPS with 2GB of RAM and […]
Zero Day Java Vulnerability Exploited – Macs Infected With Flashback Malware
Interesting timing this one, just a couple of days ago we reported – Avira Joins The Crowd & Starts To Offer Mac Antivirus Software – and now an unpatched vulnerability in Java for Mac OS that is being exploited in the wild. The vulnerability (CVE-2012-0507) was patched in Java by Oracle back in February, but […]
GooDork – Command Line Google Dorking/Hacking Tool
GooDork is a simple python script designed to allow you to leverage the power of Google Dorking straight from the comfort of your command line. There was a GUI tool we discussed a while back similar to this – Goolag – GUI Tool for Google Hacking. GooDork offers powerful use of Google’s search directives, by […]