[ad] Technika was developed for the computer security professionals to automate common exploitative task from the browser. It acts like a standard OS shell scripting environment. You can script everything from the currently viewed page just like Greasemonkey (spawn processes, unrestricted XMLHttpRequest connections and sockets). You can autorun bookmarklets and perform safe operations on the […]
exploits
0-day Vulnerability Effects Solaris – Disable Telnet NOW!
[ad] Solaris is pwned by a similar vulnerability to one discovered on AIX systems in 1994. Yes people that’s 13 years ago…and Sun are still vulnerable, as reported by SANS. The following will give you root on a lot of Solaris systems:
1 |
telnet -l "-froot" [hostname] |
Cool eh? The Internet Storm Center is urging system administrators to disable […]
Visa Security Flaws Prior to Consumer Release
[ad] Now Vista is actually out we haven’t heard much about it, before it’s commercial release however there was a lot of flaws released and discussion about the (in)security of the OS. The architecture does seem a lot better.. But still it’s from Microsoft, how long until we get a remote root exploit giving the […]
eEye Launches 0-Day Exploit Tracker
[ad] Ah finally a decent 0-day exploit tracker, one that isn’t underground and could be fairly useful to everyone. 0-day as basically stated in the article is an exploit not known publicly or available publicly well before any patches are available, some private groups often have exploits for a year or more before someone else […]
Metasploit 3.0 Beta 3 Released
[ad] The Metasploit Framework is an advanced open-source exploit development platform. The 3.0 tree represents a complete rewrite of the 2.0 codebase and provides a scalable and extensible framework for security tool development. The 3.0 Beta 3 release includes support for exploit automation, 802.11 wireless packet injection, and kernel-mode payloads. Windows users are now presented […]