Most Popular Blogs

  1. Penetration Testing Biometric System: Part 1 Local Attacks

    Presented at Nullcon 2011:
    Greetz to: B0Nd, Eberly, Wipu, Neo, Vinnu, prashant(null), sud0, Sagar, rohith, Nishant, atul, r4scal, SmartKD, beenu, d4rkdawn and all Null Members
    Special Thanks to: the_empty, 41w4rior, d4rkest, Abishek Dutta, w3bdevil,


    Abstract: This paper acts as a guide explaining the necessity
  2. Mac OSX 64 bit ROP Payloads.

    6 months back I did a presentation on Mac OSX 64 bit ROP shellcodes at the Null Monthly meet, where I took two different sessions explaining 64 bit architecture in detail and Mac OSX 64 ROP shellcode. Today I was browsing through some old stuff and came across the PPT I used back then. The slides only contain the first day's presentation and I can't find the second day's PPT.

    Am sharing it over here. There is nothing new. ...
  3. Enumerating and Breaking VoIP


    Voice over Internet Protocol (VoIP) has seen rapid implementation over the past few years. Most of the organizations which have implemented VoIP are either unaware of or ignore the security issues with VoIP and its implementation. Like every other network, a VoIP network is also susceptible to abuse. In this article, I will discuss various enumeration techniques followed by a demonstration of a few VoIP attacks. I deliberately will not go into protocol-level details as ...
  4. Twitter Translation Center CSRF (Change Badge and Notification Settings)

    On 28th September 2012, I found a Cross-Site Request Forgery vulnerability on which is the Twitter Translation Center.

    While checking the service I landed up on the "Accounts Settings" page which looked like this.

    [Image: settings.jpg]

    So we have two options here: the first one toggles the Twitter Badge setting on and the second one toggles the badge-related notification.

    POST request ...

    Updated 10-20-2012 at 11:20 AM by prakhar

  5. Account Takeover Using Password Reset Vulnerability

    Account Takeover Using Password Reset Functionality
    While researching and working on bug bounties I have found that by using the Password Reset Functionality, Token & Link we can take over all the user accounts of a website if that site is vulnerable to this type of attack.

    Using this vulnerability the attacker can modify the email MD5 hash to any victim's email MD5 hash to change their password, and in this way he can also reset all passwords ...
  6. How I was able to Read & Download Paypals Users Private Email Attachments

    PayPal's Failure to Restrict URL Access Vulnerability
    I want to share one of my findings on PayPal which I reported to them on 3 January 2013.

    I have found that the following PayPal URL was vulnerable to a Failure to Restrict URL Access vulnerability, as the email attachment URLs can be accessed without login ...
  7. ASLR DEP bypassing techniques

    In defeating DEP you at least need some information that will evade ASLR.
    There are mainly two ways:

    1. Any anti-ASLR module gets loaded into the target application. I mean you have the base address of any module at a fixed location always, even after the system restart.

    2. You get a pointer leak from a memory leak/buffer overflow/any zero-day. In this technique you can adjust the offsets to grab the base address of the module whose pointer gets leaked.
  8. Bypassing a Cisco IOS firewall

    Originally posted by fb1h2s:
    This documentation is about a successful attack strategy on something which I was trying out for the last 15 days. It all started with silent-poison handing over to me a webshell, "a non interactive .php shell", on a webserver; the shell was having NT-Authority System privileges. He did good work there, as I was told he used a Joomla exploit to get that shell up and running. And it was obviously a high priority webserver. He should probably document that part.

    The issue he
  9. SQL Injection in INSERT Query

    SQL injection is one of the most exploited issues in web application security and has found a place in the OWASP Top 10 since 2004. There are many blog posts and papers available on SELECT query injection exploiting WHERE or HAVING clauses. Today I’m going to discuss SQL injection in an INSERT query.

    Here is a PDF of the same.
    SQL Injection in INSERT Query.pdf

    Any suggestions, comments are welcome.

    AMol NAik

    Updated 02-03-2012 at 11:10 AM by amolnaik4

  10. My Euro Trip 2: HITB [Hack In The Box Amsterdam]

    Here goes my second part, the HITB ventures; you could read the BlackHat diary from here.

    I was in Europe twice this year, in March for BlackHat presenting on IVR Security, and in May for HITB presenting on "CXML VXML Auditing". So now, many months since these conferences have ended, I finally got some time and have managed to write up my thoughts on them.