모의해킹 (WAPT)194 728x90 728x90 Offensive Security Exploit Weekend Sud0′s story : After quickly analyzing the pdf file, it was clear that the PDF reader is vulnerable to a buffer overflow when parsing an overly long string in the "Title" field. (Simply open the pdf file in a editor or use Didier Stevens’ pdf-parser.py tool to list the elements in the pdf file) When opening the PoC pdf file in Foxit Reader (with Immunity Debugger attached to it), an access viola.. 2010. 11. 23. Install And Setting PsyBNC On Unix Shell What is psyBNC? psyBNC is an IRC network bouncer (BNC). psyBNC is short form of psychoid bouncer (BNC). psyBNC is mostely used to hide your ip on IRC network and bounce your ISP. It is very easy to use and due to its unique features, it has become most popular BNC (specially on FREEBSD) . psyBNC does not just bounce your ISP (hide your ip) it also stays connected to IRC server even after you clo.. 2010. 11. 9. (동영상) Discovered XSS on Facebook can lead to account hijack 출처 : http://www.acunetix.com/ 2010. 11. 9. Online services security report car Note that “WordPress” refers to all the independent implementations of WordPress, but the WordPress.com free hosting site does implement SSL. The bottom portion of the table refers to generic protocols that are commonly used by computers and smartphones, the vast majority of which use the unsafe versions. What are authentication cookies?To save you the trouble of having to sign in with username .. 2010. 11. 8. Firefox Addon Firesheep Exploit 계정 탈취의 위험한 현실 Firesheep: 누구나 할 수 있는 계정 탈취의 위험한 현실공개 Wi-Fi 환경에서 벌어지는 ‘세션 하이재킹’의 경각심을 일깨운 보안 이슈1. Firesheep이란? – 클릭 몇 번으로 남의 계정을 탈취하다Firesheep은 2010년 ToorCon 보안 컨퍼런스에서 발표된 Firefox 웹브라우저 확장 기능(Addon)입니다. 개발자인 Eric Butler는 이 애드온을 통해 공개 Wi-Fi 환경에서 얼마나 쉽게 사용자의 계정을 탈취할 수 있는지 시연했습니다.주요 기능 요약기능설명네트워크 스니핑동일 네트워크에서 전송되는 HTTP 트래픽 가로채기세션 쿠키 탈취로그인한 사용자의 세션 쿠키를 캡처자동 로그인쿠키를 활용해 해당 계정으로 웹사이트에 자동 로그인즉, Firesheep은 일반인이 클릭 몇 번만으.. 2010. 11. 4. 이전 1 ··· 26 27 28 29 30 31 32 ··· 39 다음 728x90 728x90
