exploit22 728x90 More about the JailbreakMe PDF exploit Today has been released the source code of the Jailbreakme exploit, so maybe this explanation comes a bit late. In the update of the previous post about this subject I knew that I was right about the overflow in the arguments stack when parsing the charstrings in the Type 2 format, so here is a little more info. After decoding the stream of the object 13 we can see the following bytes (talking a.. 2011. 2. 21. Create a New User with UID 0 - ARM (Meta) # Exploit Title: Linux/ARM - Create a new user with UID 0 (MSF) # Date: 2010-11-25 # Author: Jonathan Salwan - twitter @shell_storm # Tested on: ARM926EJ-S rev 5 (v5l) # Issue link: https://metasploit.com/redmine/issues/3254 ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for mor.. 2010. 12. 9. Offensive Security Exploit Weekend Sud0′s story : After quickly analyzing the pdf file, it was clear that the PDF reader is vulnerable to a buffer overflow when parsing an overly long string in the "Title" field. (Simply open the pdf file in a editor or use Didier Stevens’ pdf-parser.py tool to list the elements in the pdf file) When opening the PoC pdf file in Foxit Reader (with Immunity Debugger attached to it), an access viola.. 2010. 11. 23. Firefox Addon Firesheep Exploit 계정 탈취의 위험한 현실 Firesheep: 누구나 할 수 있는 계정 탈취의 위험한 현실공개 Wi-Fi 환경에서 벌어지는 ‘세션 하이재킹’의 경각심을 일깨운 보안 이슈1. Firesheep이란? – 클릭 몇 번으로 남의 계정을 탈취하다Firesheep은 2010년 ToorCon 보안 컨퍼런스에서 발표된 Firefox 웹브라우저 확장 기능(Addon)입니다. 개발자인 Eric Butler는 이 애드온을 통해 공개 Wi-Fi 환경에서 얼마나 쉽게 사용자의 계정을 탈취할 수 있는지 시연했습니다.주요 기능 요약기능설명네트워크 스니핑동일 네트워크에서 전송되는 HTTP 트래픽 가로채기세션 쿠키 탈취로그인한 사용자의 세션 쿠키를 캡처자동 로그인쿠키를 활용해 해당 계정으로 웹사이트에 자동 로그인즉, Firesheep은 일반인이 클릭 몇 번만으.. 2010. 11. 4. Invision Power Board SQL injection exploit by RST/GHC #!/usr/bin/perl ## Invision Power Board SQL injection exploit by RST/GHC ## vulnerable forum versions : 1.* , 2.* (<2.0.4) ## tested on version 1.3 Final and version 2.0.2 ## * work on all mysql versions ## * work with magic_quotes On (use %2527 for bypass magic_quotes_gpc = On) ## (c)oded by 1dt.w0lf ## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ## screen: ## ~~~.. 2010. 10. 26. 이전 1 2 3 4 5 다음 728x90 728x90