0day on TM Billion ADSL Modem/Router

Posted: February 6th, 2010 | Filed under: IT Related

Quick update

Here is my short update. I was playing around with the ‘nice’ modem and I found 2 vulnerabilities:

1) Remote code execution
2) DoS

Tested on Firmware Version : 2.10.5.0(UE0.C2C)3.7.6.1

I’m looking forward to playing around with Riger Corporation’s modem that came with an “Enhanced by TM R&D Malaysia” label on it 🙂


CVE-2010-0249 – Aurora IE 0day Exploit :: DEP bypassed

Posted: January 19th, 2010 | Filed under: IT Related

:: Quick update ::

Today, I’ve been working on a video on the Aurora IE 0day exploit PoC that really mimics the original Aurora’s exploit on Google.

However, the original exploit is going to fail if you enable DEP on the machine.

A few minutes back, someone pinged me and informed me of a new PoC that is going to bypass DEP. If true, enabling DEP won’t protect IE users anymore 😉

But you are still safe if you disable Active Script / JavaScript support for your IE.

Here is how you can disable Active Script / JavaScript support in your IE: Advisory


Autocomplete with bash on Mac OS

Posted: January 15th, 2010 | Filed under: IT Related

Make sure you have the following dependencies installed:

The only thing you need to do is to install bash-completion

sudo port install bash-completion

Done 😉


Top Ten Web Hacking Techniques of 2009 (Official)

Posted: January 13th, 2010 | Filed under: IT Related

Top Ten Web Hacking Techniques of 2009!

1. Creating a rogue CA certificate
Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Weger

2. HTTP Parameter Pollution (HPP)
Luca Carettoni, Stefano diPaola

3. Flickr’s API Signature Forgery Vulnerability (MD5 extension attack)
Thai Duong and Juliano Rizzo

4. Cross-domain search timing
Chris Evans

5. Slowloris HTTP DoS
Robert Hansen, (additional credit for earlier discovery to Adrian Ilarion Ciobanu & Ivan Ristic – “Programming Model Attacks” section of Apache Security for describing the attack, but did not produce a tool)

6. Microsoft IIS 0-Day Vulnerability Parsing Files (semi‐colon bug)
Soroush Dalili

7. Exploiting unexploitable XSS
Stephen Sclafani

8. Our Favorite XSS Filters and how to Attack them
Eduardo Vela (sirdarckcat), David Lindsay (thornmaker)

9. RFC1918 Caching Security Issues
Robert Hansen

10. DNS Rebinding (3-part series Persistent Cookies, Scraping & Spamming, and Session Fixation)
Robert Hansen

[source: Jeremiah Grossman]


Vulnerability in IIS

Posted: December 28th, 2009 | Filed under: IT Related

I received the ‘feed’ regarding the IIS vulnerability on the 23rd December, but due to a busy week (preparing for examination), the advisory for the vulnerability is still pending.

From my observation, IIS 7 and IIS 7.5 are not vulnerable to the bug. I already have a few working workarounds for the 0day and all of them will be compiled in my upcoming advisory.. soon.. 😛

cheers!

** [Updated on Tue Dec 29 01:26:39 MYT 2009]

Done! Sent to webmaster. Waiting to be published

** [Updated on Tue Dec 29 21:33:20 MYT 2009]

Published 🙂