content top

Heap Spraying – Active X Controls Under Attack

Heap Spraying – Active X Controls Under Attack

4Introduction   An ActiveX control is essentially a simple OLE object that supports the IUnknown interface. It was introduced in 1996 by Microsoft as a development of its Component Object Model (COM) and Object Linking and Embedding (OLE) technologies and is commonly used in its Windows Operating System.   ActiveX controls are highly portable COM objects, used extensively throughout Microsoft Windows platforms and, especially, in...

Read More

Damn Vulnerable Web App – Local File Inclusion (LFI)

Damn Vulnerable Web App – Local File Inclusion (LFI)

2Introduction   In the first part of Damn Vulnerable Web App (DVWA) series, we have seen how we can install Damn Vulnerable Web Application (DVWA) on BackTrack 5 R1.   If you have not read the first part, here is the link: http://hacksys.vfreaks.com/pen-testing/damn-vulnerable-web-app-sql-injection.html   Now, we will test another attack vector known as Local File Inclusion (LFI).   Local File Inclusion (LFI) is a...

Read More

Art Of Exploit Writing – null Security Meet

Art Of Exploit Writing – null Security Meet

2Introduction   It’s was my pleasure to be with fantastic security minds of Bangalore. The event was null Bangalore which held @ThoughtWorks.   Topics and Schedules   09:30 – 10:00: Web App Basics – Insecure Direct Object Reference – Himanshu Das 10:00 – 10:15: Introductions 10:15 – 10:35: Newsbytes – Apurva 10:35 – 11:05: Vulnerability Disclosure – Nikhil Kulkarni 11:05...

Read More

Reverse Shell v1.0 PHP – Authentication Feature

Reverse Shell v1.0 PHP – Authentication Feature

0Introduction   This tool is designed for pentest situation where you have upload access to a webserver that is running PHP. Upload this script to somewhere in the web root then run it by accessing the appropriate URL in your browser. The script will open an outbound TCP connection from the webserver to a host and port defined in the script. Bound to this TCP connection will be a shell.   This will be a proper interactive shell in...

Read More

VMware Video Series – Introduction

VMware Video Series – Introduction

2Introduction       Bring the Power of Virtualization Software to Your Next Project!   VMware is the leading virtual machine software available today and it is the foundation for next generation computing as it allows users to run multiple operating systems simultaneously on the same PC. We will teach users the nuts and bolts of this powerful program, including how to install and upgrade VMware and use its guest...

Read More
content top