877.791.9571 |

Monthly Archives: November 2011

Restricted Character Set Vulnserver Exploit Tutorial

This tutorial will cover the process of writing a buffer overflow exploit for a known vulnerability in the Vulnserver application. This is the sixth article in the Vulnserver series.

Vulnserver is a Windows server application that deliberately includes a number of exploitable buffer overflow vulnerabilities, and was designed to act […]

Incorporating Custom Shellcode Into The Metasploit Framework

Writing shellcode can be a somewhat time consuming task. Once considered a dark art, shellcoding has become a part of the vocabulary of modern IT personnel. With IT Security becoming more and more important within organizations today, it’s becoming practical for many people to not only know what shellcode […]

DNS Hacking (Beginner to Advanced)

DNS is a naming system for computers that converts human readable domain names e.g. (infosecinstitute.com) into computer readable IP-addresses. However some security vulnerabilities exist due to misconfigured DNS nameservers that can lead to information disclosure about the domain. This forms an important step of the Information Gathering stage during […]

C&A: The Square Peg

This C&A related call for help is from Latonya in Washington, DC:
Need help! I am desperately searching for an instruction that will exempt a legacy fielded system from going through the C&A process. This system lack interoperability testing and current requirement documentation. This system was fielded back in 1950 […]

Writing Self-modifying Code Part 1: C Hello world with RWX and in-line assembly

To follow along with this tutorial, download all source files here

In the first part of this tutorial, we’ll be making a basic C scaffold and getting read, write, and execute permissions for the memory section. This way we’ll be able to have some self-modifying code in the following tutorials […]

UEFI and the TPM: Building a foundation for platform trust

Table of Contents

Trusted Computing
Boot Path Security Challenges
Boot Path Attack Surface
The Trusted Memory Module (TPM)
TPM Architecture and Functionality
TPM Concepts and Components
The Unified Extensible Firmware Interface (UEFI)
Conventional BIOS Limitations
Characteristics of the UEFI
[…]

Goodbye DIACAP, Hello DIARMF

When C&A becomes A&A, will you be ready?
Every few months, an elite group of DoD security experts, IT managers, and senior leadership gather to chart the future course for how Information Assurance will be conducted within the Defense Department. Very soon, this group will introduce sweeping changes to […]

Dangerous Texts: Preventing SMS Cracking

The very first SMS (Short Messaging Service) message was sent on December 3rd, 1992. As cellular phone technology exploded since then, now your average person sends and receives many SMS text messages each year. In a world where the overwhelming majority of adults (and some children) carry a smartphone […]

Rootkit Detection with Tuluka Kernel Inspector

Introduction

A rootkit is a piece of software that is written by someone, who at the very least, wants to spy on specific system calls made by an application, for some purpose. It’ll usually hide itself from normal directory and process listings made either by native OS tools, or third […]

Confident KillSwitch Helps Combat Brute-Force Attacks

Introduction
Confident Technologies Inc.’s (CTI) KillSwitch collects data on hacking attempts to help information security (IS) professionals safeguard their companies’ online properties and mobile applications against brute-force attacks that occur when hackers use all possible combinations of symbols, letters and numbers to obtain account passwords.
State of Affairs
According to a 2011 […]

9 Easy WordPress Security Tips: Hardening WordPress

WordPress is the most popular Content Management System (CMS) on the World Wide Web.

I’m one of the two web developers for Liberbyte.com, a tech blog with a focus on end user education and open source. I’ve done enough raw coding with HTML, CSS and JavaScript in the past 15 […]

AntiCloud Trojan Reverse Engineering Analysis

Introduction

In this paper we are going to talk about the Anticloud Trojan, also know as the TrojanDropper:Win32/Bohu.A and B variant. This malware originated in China and was designed to target the Cloud-Based Technology of major Chinese AntiVirus Vendors. For this reason, Bohu has also been called AntiCloud Trojan.

This is the first […]