Password and Hash

22 08 2012

Password attack: very good article

online rainbow table

malware signature
Oh sweet!!

No, this one is not related to this topic, but it’s so sweet!!
SMS Spoofing and its tool.





Stealth ideas for checking egress rules on a firewall

14 08 2012

To verify the egress rules on a firewall, we could:
1. look at the firewall policies
2. ask some employees to help, in other words do social engineering
3. guess

The first two approaches are not what I would like to talk about today; instead, I am focusing on the guessing technique. A Metasploit stager called reverse_tcp_allports is one of the nice ideas for doing this.
However, if we need more stealth, create a server which responds on any TCP port, like 65K Open TCP Ports, and watch for our traffic.

“The quieter you become the more you can hear”





Random stuff — new pentest environments

10 08 2012

I got these today, and will explore later.

MobiSec Live Environment
exploit-exercises





Client-side Attack

21 03 2012

These were presented at the 6th NotaCon.

  • Fast-Track: Advanced Penetration Techniques Made Easy
  • Time To Replicate The Real Threat: Client Side Penetration Testing

Therefore, enjoy human hacking!!





Being a good and great penetration tester

15 03 2012

Nothing to write or say here, only references to material which exemplifies how to be a good and great penetration tester.

  • RSA Flash Talk: Top 5 Reasons It’s GREAT To Be a Pen Tester
  • Mamma’s Don’t Let Your Babies Grow Up to Be Pen Testers
  • Adaptive Penetration Testing
  • Secrets of America’s Top Pen Testers – Recommended!!

Go for it, just like I am doing.





Exploitation

13 03 2012

A useful reference from the intern0t forum:
Window Exploitation

and this one:
Exploitation 101 by Alexander Sotirov





Smashing Flash Applications

11 03 2012

Episode 0x00
When we perform penetration testing against web applications, embedded Flash objects are in our scope. Even if the stakeholder did not mention them in detail, they are an interesting target. More importantly, if the business logic depends on a Flash object, the whole target could be defeated.

If I have enough time, I will be back to describe what I have done when dealing with a juicy Flash object. Well, sometimes it can be difficult if luck is not on your side.

Favourite tools

  • Sothink SWF Decompiler — for reverse engineering a SWF's objects and ActionScript
  • CheatEngine — good for cheating, especially on games
  • Any hex editor: 010 Hex editor is OK, but not free. HxD is not bad
  • Project SIKULI — visual technology by MIT, easy to use, very cool ideas, and great for automation. You could write an easy bot with this tool.
  • Adobe Flash Investigator — a Swiss army knife for smashing SWF objects, released by Adobe. This tool alone could somehow substitute for all the tools I referred to above.
  • Flash Exploitation Database — by Jason Calvert of WhiteHat Security Inc.
  • Assessing, testing and validating Flash content, from OWASP AppSec 2010

See you, then!