Section: .. / papers / general /
| /// File Name: |
perl-format-string.txt |
Description:
|
Format String Vulnerabilities in Perl Programs - Whitepaper discussing all the attack and impact details of recent discussions surrounding format string exploitation in perl. Provides further insight on how these flaws can be manipulated and has examples.
| | Author: | Steven M. Christey | | File Size: | 25936 | | Last Modified: | Dec 3 01:06:52 2005 |
| MD5 Checksum: | ff51ff0694b291ce947b9effb9227978 |
|
| /// File Name: |
022805.txt |
Description:
|
This paper describes several techniques for exposing file contents using the site search functionality. It is assumed that a site contains documents which are not visible/accessible to external users. Such documents are typically future PR items, or future security advisories, uploaded to the website beforehand. However, the site is also searchable via an internal search facility, which does have access to those documents, and as such, they are indexed by it not via web crawling, but rather, via direct access to the files. Therein lies the security breach.
| | Author: | Amit Klein | | Homepage: | http://webappsec.org/ | | File Size: | 25702 | | Last Modified: | Feb 28 19:15:11 2005 |
| MD5 Checksum: | 87eb98b564a55d22d12c7b83e9641965 |
|
| /// File Name: |
locating-firewalls.txt |
Description:
|
Locating Stateless Firewalls focuses on methods to discern between stateful and stateless firewalls. It discusses about how stateless firewalls can be further exploited due to possible misconfigurations and the result of RFC ambiguities.
| | Author: | ithilgore | | Homepage: | http://sock-raw.homeunix.org/ | | File Size: | 24736 | | Last Modified: | Dec 8 23:28:11 2008 |
| MD5 Checksum: | ca1bfcdeca6c4e712760e4c6c7735449 |
|
| /// File Name: |
http_botnet.txt |
Description:
|
Whitepaper on setting up a HTTP controlled botnet. Code examples provided.
| | Author: | cross | | File Size: | 24691 | | Last Modified: | Oct 22 17:18:52 2008 |
| MD5 Checksum: | db39c5c6d8edc80aed2f9e2b9fc59db0 |
|
| /// File Name: |
kye-worm.txt |
Description:
|
Know Your Enemy: Worms at War - A Windows 98 honeypot machine was taken over by 2 different worms in a week. The worms spread via open file shares and installed the distributed.net RC5 client.
| | Author: | Lance Spitzner | | Homepage: | http://www.enteract.com/~lspitz | | File Size: | 24247 | | Last Modified: | Nov 10 15:53:16 2000 |
| MD5 Checksum: | 1f23b9b0bef894b514c2ff7775caa093 |
|
| /// File Name: |
MiddleMan.pdf |
Description:
|
Paper explaining man-in-the-middle attacks, using a secure web connection as an example.
| | Author: | Coretez Giovanni | | Homepage: | http://www.8thport.com | | File Size: | 23949 | | Last Modified: | Feb 23 03:18:18 2000 |
| MD5 Checksum: | 973f3acfc65b90435e2c51884eef8682 |
|
| /// File Name: |
httpResponseSmuggle.txt |
Description:
|
Whitepaper entitled "HTTP Response Smuggling". It discusses evasion techniques to bypass anti-HTTP response splitting strategies.
| | Author: | Amit Klein | | File Size: | 23560 | | Last Modified: | Feb 25 17:15:15 2006 |
| MD5 Checksum: | 028a2ccfa04710b1e9b0329c14a9e4ee |
|
| /// File Name: |
Altering_ARP_Tables_v_1.00.htm |
Description:
|
Altering ARP Tables v1.00 - This paper is dedicated to ARP tables and how to alter them remotely. Includes a couple of implementations of ARP poisoning in a bridge based segment and a couple of ways to protect yourself.
| | Author: | Data Wizard | | File Size: | 22573 | | Last Modified: | Sep 7 23:03:45 2001 |
| MD5 Checksum: | 2cddda46bc0102cac912313b0b33cd68 |
|
| /// File Name: |
mi018en.htm |
Description:
|
Shellcode programming for SCO. All examples are taken from a SCO OpenServer 5.0.4 machine so some of them may not work under another SCO type of Unix (like unixware) although I have tried to make it as portable as possible.
| | Author: | Renegade Master | | Homepage: | http://hispahack.ccc.de/en/index.html | | File Size: | 22438 | | Last Modified: | Jan 27 15:21:23 2000 |
| MD5 Checksum: | e2cf541e7912b8ad9f967cc885c076c9 |
|
| /// File Name: |
hacker_society.txt |
Description:
|
Hacker Society Whitepaper - Rarely does the media explain the ethics, codes, rules and regulations that govern this mysterious society. A society that exists known solely amongst underground. A professional approach has not been taken in analysing this mysterious sub culture.
| | Author: | Gilbert Alaverdian | | File Size: | 22417 | | Last Modified: | Apr 18 18:26:21 2000 |
| MD5 Checksum: | 54d79d3a9903f99483b036f02bfd7768 |
|
| /// File Name: |
timesync.html |
Description:
|
White paper discussing the fact that many modern networks are extremely dependant on a centralized time resource and the negative aspects of a network not having one.
| | Author: | 3APA3A | | Homepage: | http://www.security.nnov.ru/advisories/timesync.asp | | File Size: | 22180 | | Last Modified: | Aug 20 03:54:26 2004 |
| MD5 Checksum: | b4fcd8bce74ebb05e8db85ae5c200d7c |
|
| /// File Name: |
securing_a_webserver.txt |
Description:
|
Whitepaper discussing a lockdown methodology for a Cent OS 5 server with Apache and Cpanel installed.
| | Author: | QKrun1x | | File Size: | 21682 | | Last Modified: | Jul 16 20:03:24 2008 |
| MD5 Checksum: | c48568dcf8bbd3abcdfa1033ce6b1f2c |
|
| /// File Name: |
server_security.txt |
Description:
|
Whitepaper discussing a lockdown methodology for a Cent OS 5 server with Apache installed.
| | Author: | QKrun1x | | File Size: | 21584 | | Last Modified: | Oct 30 19:49:06 2008 |
| MD5 Checksum: | dcb47cf92dc9edbc577e62c87ea5a8c7 |
|
| /// File Name: |
juggle.txt |
Description:
|
Juggling with packets: floating data storage - White paper discussing the use of network traffic as a storage medium for data and how this could be utilized to not leave an audit trail.
| | Author: | Wojciech Purczynski,Michal Zalewski | | Homepage: | http://isec.pl/ | | File Size: | 18363 | | Last Modified: | Oct 6 15:25:23 2003 |
| MD5 Checksum: | 2994c468e5e7ed30279735e471c26c4e |
|
| /// File Name: |
BlockingSkype-rootn0de2005.pdf |
Description:
|
Whitepaper called Blocking Skype Using Squid And OpenBSD.
| | Author: | vi_cipher | | File Size: | 18212 | | Last Modified: | Nov 15 06:01:59 2005 |
| MD5 Checksum: | 909e63b1e1ea395ba89d9de7898c392f |
|
| /// File Name: |
bufferpaper.txt |
Description:
|
This paper goes into great detail describing how to utilize format string attacks with limited buffer space.
| | Author: | Xpl017Elz | | Homepage: | http://x82.inetcop.org | | File Size: | 16969 | | Last Modified: | Jun 11 02:32:02 2003 |
| MD5 Checksum: | c533bdbebb1fc4a96cf43dbff879cdc5 |
|
| /// File Name: |
nist.txt |
Description:
|
Computer User's Guide to the Protection of Information Resources: A report from the US National Institute of Standards and Technology
| | File Size: | 15703 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | e816e07f6e520a6bcf8060b352db653f |
|
| /// File Name: |
address-spoof.txt |
Description:
|
Address Bar Spoofing Attacks Against Microsoft Internet Explorer 6. Due to formatting issues when sent , additional notes regarding the attacks are appended.
| | Author: | Amit Klein | | Homepage: | http://www.trusteer.com/ | | File Size: | 15579 | | Last Modified: | Oct 27 18:38:09 2008 |
| MD5 Checksum: | 5bf24bf420c7b4f9d6da416472832ec8 |
|
| /// File Name: |
rfpolicy-2.0.txt |
Description:
|
RFPolicy 2.0 - rain forest puppy's policy on notifying vendors and releasing security vulnerabilities.
| | Author: | rain forest puppy | | Homepage: | http://www.wiretrip.net | | Changes: | Less stringent on timeframes, more stringent on communication. Thanks to everyone who contributed. I also added some supporting notes (FAQ, etc) to help dispell some misconceptions on it. | | File Size: | 15498 | | Last Modified: | Oct 17 15:45:59 2000 |
| MD5 Checksum: | 4bb04bf50ab00e365ec966deb62c2a7a |
|
| /// File Name: |
modsecips.html |
Description:
|
Securing LAMP - A whitepaper that discusses a methodology to configure, test, and run a Secure LAMP environment.
| | Author: | Jesus Oquendo | | Homepage: | http://www.infiltrated.net/ | | File Size: | 15428 | | Last Modified: | Nov 13 11:14:29 2006 |
| MD5 Checksum: | bcacccdeb14c1322732a9766c791d51a |
|
| /// File Name: |
i-bot.txt |
Description:
|
I, Bot, Taking Advantage Of Robots Power. A response to the original bot related article in Phrack written by Michal Zalewski.
| | Author: | Crossbower | | Homepage: | http://www.playhack.net/ | | File Size: | 15138 | | Last Modified: | May 16 22:26:14 2007 |
| MD5 Checksum: | 50a152ffdd28969e6ad885b444f34b17 |
|
| /// File Name: |
votehack.txt |
Description:
|
Article about evidence mounting that the vote was hacked. The FBI has been called in to Florida.
| | Author: | Thom Hartmann | | Homepage: | http://CommonDreams.org | | File Size: | 14240 | | Last Modified: | Nov 10 01:49:51 2004 |
| MD5 Checksum: | 2c398b6336f2e2e0d98f62a2048297f1 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
