View RSS Feed

All Blog Entries

  1. Network Architecture Review Checklist

    The primary goal of the checklist is to make it useful and as a trusted guide for IT Auditors,Security Consultant in Network Architecture Review assignments.The checklist is drawn from numerous resources referred and my experience in network architecture reviews.Though the essentially doesn't essentially cover all elements of a network architecture review,I have tried to bring in aspects of the security element in a network architecture.Thanks to Punter & B0nd for their useful inputs.
  2. Teensy USB HID for Penetration Testers - Part 2 - Basics of Arduino and Hello World

    In the first post we installed Arduino Development Environment (ADE). Now lets have a look at basics of Programming Teensy using ADE

    Make sure that proper board is selected from the menu. Then choose the correct device type

    Name:  arduino-1.0_2012-04-04_11-34-51.jpg
Views: 3634
Size:  24.1 KB

    In Arduino Development Environment (ADE), programming is done in a C type syntax. We have variables, methods, conditional operators and pointers etc. A program is called a sketch in ADE.

    Now, ...
  3. HP DataProtector - Porting exploit to metasploit.

    Nowadays, in almost all my penetration testing projects, HP dataprotector has been the most vulnerable software installed.
    I thought of porting the same as a metasploit exploit module. Hence, I wrote exploit for Hp_dataprotector_cmdexec. I will try to describe my work step by step. The input for this was a working exploit-db code (HP Data Protector Remote Root Shell for Linux). The shell code when run normally will give a netcat shell.
    So here I start up:
    1. Took a standard ...

    Updated 04-10-2012 at 04:21 PM by sohil_garg

  4. MS11-046 exploit Code, Windows local Privilege Escalation .

    There was a good article released by Joni on MS11-046 vulnerability based on a malware he analysed .
    So I taught of spending my staurday night building an exploit for this .

    Windows [not sure about Win 7] lets Mapping of 0x00000000 in user space, and this particular vulnerability windows fix [Ms011-46] was by adding a simple check for Null Pntr in the AFD.sys, which I find odd, so I assume Win 7 it would ...
  5. Introduction to SCADA hacking

    hi guys this is my first post so please ignore any mistakes
    so first what is SCADA ? its abbreviated as Supervisory Control and Data Acquisition so basically there are lots of hardwares in it and is used in power grids, Dams and many other industries. they use primitive softwares that are easy to exploit. remember Stuxnet that exploited Iran`s windows computer to exploit iran`s nuclear facility which was of Siemens. same way there are lots of companies who make SCADA and for ease of use

    Updated 04-11-2012 at 12:22 AM by rjcrystal

  6. Teensy USB HID for Penetration Testers - Part 1 - Introduction and Arduino Install

    Hi All,

    This is my first post to Garage, please bear with mistakes. I will write a series of posts which will also be posted on my blog.

    My first blog post after two back to back awesome conferences Black Hat Europe and Troopers. At Black Hat Europe I conducted a workshop called Teensy Programming for Everyone. The workshop was well recieved by most of the participants. But I found that many of them found it difficult to setup Arduino for usage with Teensy and other ...

    Updated 04-05-2012 at 01:33 AM by SamratAshok (For fixing broken links)

  7. Internal Attacks vai IVR systems [ Security Vulnerabilities in IVR Applications]

    Am putting down Demo videos along with few important slides form my BlackHat 2012 presentation .

    Here is the video from HITB on the same:

    My presentation were in HTML 5 and am putting down Demo Presentations here. I will upload the HTML5 presentation some were or you could download them form

    For Better understanding
  8. Binary Analysis of Oracle Java CVE: 2012-0500 and Alternate Exploitation on Win|Linux


    Java Webstart recently had critical security update in it's Webstart module Oracle Java Critical Patch Update - February 2012, that affects Firefox and IE, we will have few quick analysis of the vulnerable binary and few alternate ways to exploit them.

    Little History and Introduction about the Bug:

    Current bug is discovered and reported to Oracle by Vulnerability Research Team of TELUS Security Labs.

    The vulnerability was similar ...
  9. Memoirs of Nullcon Goa 2012 - Hacking on beach

    Firstly, the venue. Goa ! Oh, it was divine. Frankly, nullcon should be always in Goa. Perfect blend of electric atmosphere and aesthetic calmness of nature. Seriously, you have to be there to feel it.

    Me, Ap4Ch3, akm.coder and Snypter arrived 2 days ahead of conference. Had a great time exploring Goa. Already, most of the people from null were beginning to pour in.

    ------------------------------------------------------------ ...

    Updated 02-25-2012 at 05:05 PM by abhaythehero

  10. SQL Injection Via XSS

    One of the G4H member mandi from Garage4hackers Forums - Home (my second home) asked few days before about xsssqli attack. He had a scenario where the main site is having a cross-site scripting vulnerability and the admin panel has SQL Injection. The page having sql injection in admin panel is only accessible to admin. The question was is it possible to use xss on main site to exploit sql injection on admin panel to get admin account pwned?

    Here is my answer with following scenario: ...

    Updated 02-14-2012 at 02:05 PM by amolnaik4

Page 10 of 14 FirstFirst ... 89101112 ... LastLast