This paper demonstrates how to ARP poison a connection between Windows 7 and Windows 2008 R2 Server using Cain.
This is a brief whitepaper called A Backdoor in the Next Generation Active Directory.
Whitepaper called Windows 7/2008 Event Log Forensic and Reversing Analysis.
Whitepaper called Firewire-based Physical Security Attacks on Windows 7, EFS and BitLocker.
Whitepaper entitled Reverse Engineering Microsoft F#.
Breaking The Windows Server 2003 SP2 Stack.
Access Through Access - A whitepaper that aggregates various material on how to exploit Microsoft Access during a penetration test.
Physical Security Attacks On Windows Vista - A short whitepaper discussing the Firewire unlock attack.
Whitepaper detailing Microsoft API function pointer hijacking.
Small write-up discussing how ShellExecute() works and how applications must make use of it.
Whitepaper discussing Windows DNS cache poisoning by forwarder DNS spoofing.
Small paper that discusses SMB and NetBIOS on Windows and how a user can disable them.
Whitepaper entitled Windows Vista 64bits And Unexported Kernel Symbols.
Short whitepaper discussing API hooking/interception via DLL redirection.
Windows Vista includes a new memory protection system called ASLR. Its goal is to mitigate buffer overflow attacks in vulnerable programs. Ali Rahbar has made a complete study of this security mechanism and found a new implementation flaw that allows this protection to be bypassed.
This multi-part tutorial presents several ways in which you can add functionality to closed-source Windows executables through DLLs, PE header modification, and good old assembly code. Adding code to existing code caves, modifying PE headers to create code caves and/or import DLL functions, adding backdoors to programs, and adding plugin support to closed-source programs are all covered.
Whitepaper discussing the hardening of Windows NT.
Whitepaper discussing the fact that the Microsoft Server Message Block Redirector Driver (mrxsmb.sys) does not properly verify the user-mode buffer, allowing any user to overwrite any desired memory address. Successful exploitation results in Ring0 code execution.
Source code for all the examples used in tutorials 1 through 4 of 'Writing Stack Based Overflows On Windows'.
Writing Stack Based Overflows on Windows - Part IV: Shellcode creation and exploiting an application remotely.
Writing Stack Based Overflows on Windows - Part III: Walking through a stack based overflow and writing an exploit for a local overflow.
Writing Stack Based Overflows on Windows - Part II: Windows Assembly for writing Exploits.
Writing Stack Based Overflows on Windows - Part I: Basic Concepts.
Story of a dumb patch - This paper describes a mistake made by Microsoft in patch MS05-018, where Microsoft failed to properly fix a vulnerability and had to release a new patch, MS05-049. Hopefully this paper will open the eyes of software vendors so that they do not repeat these kinds of mistakes.