Exploitation

Mon
09
Nov

Discovering passwords in the memory

Contributed by Abhishek Kumar

Escalation of privileges is a common method of attack where a low privileged user exploits a vulnerability to become an administrator or a higher privileged user. Privilege escalation may be achieved through cracking of administrative passwords, local buffer overflows and stealing of passwords. This paper discusses a common vulnerability that could be exploited by low privileged users to steal critical passwords and escalate their privileges. While this vulnerability has been known for several years, our research indicates that a large number of applications are still vulnerable to this flaw. As of this writing, we have informed the software vendors about the vulnerability, and are working with them to fix it.

This document is in PDF format. To view it click here.

Fri
06
Nov

Stuxnet

Contributed by Andrew Jenkins

Imagine a future when a virus is smart enough to evade detection, and stealthily spread between computers, even ones that are not networked together. Thanks to a virus called Stuxnet that future has become the present. Stuxnet is a computer virus that targets specific industrial control systems. Industrial control systems are used in manufacturing systems as well as to control electrical, water and power plants. Stuxnet’s main goal was to damage centrifuge rotors inside the Natanz Nuclear Fuel Enrichment Plant located in Iran. It seeks to reach this goal through the use of two methods. Stuxnet is unique because it is one of the first cyber-physical attacks in history. This kind of attack is computer or cyber based but the result causes physical damage. This paper seeks to describe how Stuxnet functioned and how such a threat can be prevented in the future.

Mon
02
Nov

Writing Cisco IOS Rootkits

Contributed by Luca

Fri
02
Oct

Cookie Dethroning: DEMYSTIFIED (Part 2 of 2)

Contributed by Zer()Kn()ck

This Paper Is Extensively Designed For Digging deep into cookies. It jolts the cookie analysing and exploitation of cookies at the extremity. This is undertaken to have an eye on the cookie manipulation ,hacks and exploits that can be processed by an attacker for extracting information from the system on the fly.

This document is in PDF format. To view it click here.

Fri
02
Oct

Cookie Dethroning: DEMYSTIFIED (Part 1 of 2)

Contributed by Zer()Kn()ck

This Paper Is Extensively Designed For Digging deep into cookies. It jolts the cookie analysing and exploitation of cookies at the extremity. This is undertaken to have an eye on the cookie manipulation ,hacks and exploits that can be processed by an attacker for extracting information from the system on the fly.

This document is in PDF format. To view it click here.

Pages

Subscribe to RSS - Exploitation