Archive for exploit

[tekwalk] all need Authentication, most need Domain Controllers ‘n hackers love it

Posted in Blogroll, security with tags , , , , , , , , , on January 20, 2011 by abhishekkr

@ tekwalk.blogspot.com [19/Jan/2011]

http://tekwalk.blogspot.com/2011/01/security-all-need-authentication-most.html

[security] all need Authentication most need Domain Controllers ‘n hackers love it

Domain Controllers are devices responsible for maintenance of data about all corporate user accounts, software resources and user ACLs. So, specific vulnerability assessment was required for them. We were…
………

…clikc here to read full blogpost

[tekwalk] Internal Network Scan : major NeXpose work

Posted in Blogroll, security with tags , , , , , , , , on January 20, 2011 by abhishekkr

@ tekwalk.blogspot.com [19/Jan/2011]

http://tekwalk.blogspot.com/2011/01/security-internal-network-scan-major.html

[security] Internal Network Scan : major NeXpose work

Even if a network has strong intrusion detection and prevention mechanism implemented, it is as safe as machines present within the network. If any network device within the network is infected with…
………

…clikc here to read full blogpost

[blog.kaffenews.com] Zozzle (Microsoft’s Javascript-Malware Analysis Tool)

Posted in AbhishekKr, Blogroll, security with tags , , , , , , , , , , , on December 10, 2010 by abhishekkr

@blog.kaffenews.com [9/Dec/2010]

http://blog.kaffenews.com/?p=1700

Zozzle (Microsoft’s Javascript-Malware Analysis Tool)

in a sentence Zozzle is a static web-page analyzer for detecting ‘Heap-Spray Exploits’

[ 3-Things It Is ]

+ a product of

…click here to Read the full post

[hackersmag.blogspot.com] Problem with IEEE 802.1x

Posted in Blogroll, security with tags , , , , , , , , , , , , , , , on September 7, 2010 by abhishekkr
Problem with IEEE 802.1x implementation’s fallback option
———————————————————
I was just looking over some gyan for 802.1x implementation ……. saw mention of fallback option …….
MAB i.e. MAC Authnetication Bypass porviding support for Legacy Devices (say Printers) which are not capable of

[hackersmag.blogspot.com] XSS Defeating PoC

Posted in Blogroll, security with tags , , , , , , , , , , , , , , , , , on September 7, 2010 by abhishekkr

@ hackersmag.blogspot.com [6/Sep/2010]

http://hackersmag.blogspot.com/2010/09/xss-defeating-poc-if-have-any-time-for.html

Video Demo of the same PoC: http://www.youtube.com/watch?v=ENiiAccY1v0
WhitePaper is also available at SourceForge link above
I was working on a XSS-Patch PoC, which I now feel works proper enough to prove its point.
This neither require Web-Developers for any Filtering/Validation, nor any javascript blocking add-on on user’s browser.

…….click here to read full BlogPost