A paper by Immunity describing in technical detail the LLSSRV issue covered in MS05-010. It also shows how this issue affects Windows 2000 AP SP3 and SP4 without authentication, something not described in the MS05-010 bulletin.
A good introduction to writing exploits for the Win32 platform. Walks through creation of an exploit for a real vulnerable piece of software, using OllyDbg to help isolate the fault and exploit it.
A bit of a rant about how Microsoft and virus scanners fail to pay proper attention to .txt file extensions, and how attackers can use them to blend into the background.
Small whitepaper describing the obfuscation algorithm used by Windows 2k/NT/XP Syskey and the steps required to remove its encryption from the password hashes. Tools to automate the process are included.
A simple tutorial on Windows shellcoding. Shows how to write shellcode in asm that spawns a cmd shell. Includes tools to encode the asm code to avoid NULL bytes and to generate the typical C shellcode. In PowerPoint and PDF format.
Brief research paper that audits and discusses the true scope of how many hosts on the Internet actually have TCP port 139 listening and are susceptible to attack.
Paper discussing utilization of the Win32 exploit for the DCOM RPC vulnerability.
Paper discussing more shatter attacks that are possible using SEH memory locations to escalate privileges in Windows. Related information is available here.
An iDEFENSE security paper reflecting on the Shatter Attacks found against the Windows operating system in 2002. It clarifies what the flaws in the Windows event model are, describes a related vulnerability that continues to exist in many popular software products, and suggests ways in which these unfixable flaws might be addressed.
This paper presents a new generation of attacks against Microsoft Windows, and possibly other message-based windowing systems. The flaws presented in this paper are, at the time of writing, unfixable. The only reliable solution to these attacks requires functionality that is not present in Windows, as well as efforts on the part of every single Windows software vendor. This paper documents next-generation Win32 exploits based on fundamental API flaws.
Security Hardening of Windows 2000 and NT Server Machines. Contains a roundup of good security practices, hardening, ways that Windows boxes are penetrated, and a roundup of some useful tools. Written in 2001.
How to hack Windows remotely through file sharing.
Windows 2000 Format String Vulnerabilities. Includes a detailed discussion of how format string bugs in fprintf(), vprintf() and sprintf() calls are created, discovered, and exploited.
Whitepaper on hardening the Windows 2000 operating system.
Windows 2000 machines can reliably be identified remotely because they do not correctly respond to ICMP query messages with a nonstandard Type-of-Service value.
Windows 2000 Security. Log of a Windows 2000 hack and an explanation of the dangers involved with the default security in Windows 2000 Professional.