| Corelan Cybersecurity Research - Part 11Corelan Cybersecurity Research

Search Results for:

DLL Hijacking (KB 2269637) – the unofficial list

Published August 25, 2010 |

This page hosts an unofficial list of applications that are said to be vulnerable to the dll hijacking flaw (or feature or whatever you want to call it). Note that I did not test these applications myself. If you have found other applications to be vulnerable and want to add them to the list, send […]

Posted in 001_Security, Exploits | Tagged 2269637, 3-0-csl-2264107, applications, camtasia-studio-res-dll, corel-draw-wow64-official-site, corelan-be, corelean-buffer-overflow, dll, dll hijack, dll hijacking, download-kb-2269637, hijack, hijack-dll-guid, j2k-dll-dll, kb2269637, lotus-notes-address-book-hijacked, metasploit-windows-7-home-premium-6-1, pvefindaduser-exe, vulnerable, windows-7-home-premium-metasploit

Exploit notes – win32 eggs-to-omelet

Published August 22, 2010 |

By Peter Van Eeckhoutte (corelanc0d3r)

In article 8 of my exploit writing series, I have introduced the concept of egg hunters, and explained what an omelet hunter is and how it works. Today, I want to share with you my own eggs-to-omelet implementation, explain how it works, and how you can use it in a standalone exploit or in a […]

Posted in 001_Security, Exploit Writing Tutorials | Tagged assemble, egg, egg hunter, eggs omelet, eggs-to-omelet, find, hunter, metasploit, nasm, omelet, omelet-egghunter, omelette-sitecorelan-be, payload, pvefindaddr, recombine, search, sequence-of-imagesegg, shellcode, skylined, xc3-code

Cisco VoIP Phones – A Hackers Perspective

Published July 27, 2010 |

By chap0

Introduction In the world of VoIP phones, each person may look at them differently. For some, an annoyance that sit on their desk, or maybe for some it is simply a part of their job either deploying them or as a help desk position taking phone calls all day. This could even go as far […]

Posted in 001_Security, Cisco, Papers | Tagged Cisco, cisco voip, cisco-voip-cheatsheet, hackers perspective, people-on-cisco-phones, phones hackers, target ending, ucsniff voip, understand vulnerabilities, using voip, utilizing ucsniff, voip, voip network, voip phones, voip security, voip-cheat-sheet, vulnerabilities may, waiting malicious, world voip, write intro

WATOBO – the unofficial manual

Published July 23, 2010 |

By Corelan Team (fancy)

WATOBO is intended to enable security professionals to perform highly efficient (semi-automated) web application security audits. I am convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities. WATOBO has no attack capabilities and is provided for legal vulnerability audit purposes only. It works […]

Posted in 001_Security, Papers, Web Application Security | Tagged 001_Security, active, active checks, audit, base64, decode, encode, filter, filter functions, functions, fuzzer, interceptor, login, passive, passive checks, proxy, regex, requests, scan, scanner, semi, semi automated, session, vulnerability, watobo, watobo supports, web application

CTF

Published July 21, 2010 |

By Peter Van Eeckhoutte (corelanc0d3r)

ROP Gadgets

Published July 7, 2010 |

By Peter Van Eeckhoutte (corelanc0d3r)

This page contains a collection of rop gadgets that can be found in commonly used Windows OS dll’s and common applications. All gadget text files were generated with pvefindaddr. If you are building a rop based exploit and want to use rop gadgets from one of those dll’s, you can simply download the text files […]

Tagged 6-0-6002-18005, cacheg0cxfev69qmjabysssec-comfilesthe_arashi-pdf-office-2010-bypass-dep, corelan-be-rop-gadgets, corelan-rop, corelan-rop-gadgets, gadget-rop, gadgets-rop, immunitydbg-search-for-rop, java-rop-gadgets, msgr3en-dll, rop gadget, rop-exploits, rop-gadget-tool, rop-gadgets, rop-gadgets-immunity-debugger, rop-jop-gadets, search-for-rop-gadgets, stackpivot-for-seh-rop-exploits, uiautomationcore-dll-6-1-7600-16386-download, what-are-rop-gadgets

How strong is your fu 2 – the report

Published June 23, 2010 |

By Peter Van Eeckhoutte (corelanc0d3r)

For anyone interested, this is _sinn3r’s and tecr0c’s writeup of the steps they took to own 4 out of the 5 machines in last weekend’s HSIYF – Hacking for Charity cyber hacking challenge …
Continue reading →

Posted in 001_Security | Tagged -hack, challenge, corelan-how-srong-if-your-fu, ctf, cyber, cyber-hacker, hacking, hacking-challenge, hacking-ninja, how-strong-is-you-fu, how-strong-is-your-foo, how-strong-is-your-fu, how-strong-is-your-fu-offensive-security, how-strong-is-your-fu2, hsiyf, hsiyf-report, offensive, offensive security, offsec, report

corelanget

Published June 22, 2010 |

By Peter Van Eeckhoutte (corelanc0d3r)

How strong is your fu : Hacking for charity

Published June 22, 2010 |

By Peter Van Eeckhoutte (corelanc0d3r)

Last weekend, Offensive Security hosted their second cyber hacking challenge, called “HSIYF For Charity”. The goal of this challenge was to raise money for Johnny Long’s “Hackers for Charity” project, a charity organization that tries to feed children, build computer labs etc in East Africa. Each challenger had to donate $49 to be able to […]

Posted in 001_Security | Tagged corelan-hacking, corelan-how-strong-is-your-foo, corelan-strong, ctf, cyber-hackers, hacking, hfc, how-strong-is-my-foo-corelan, how-strong-you-fu-pdf, hsiyf, june-22-2010-hacked, offensive security, offensive-security-wallpaper, offsec, pastie-sh-hackers-for-charity, pentesting-training-class-online-private, successfullyowned, tournament, try-harder-offensive-security, vpn-hacking

dropbox

Published June 19, 2010 |

By Peter Van Eeckhoutte (corelanc0d3r)

Corelan Cybersecurity Research

:: Knowledge is not an object, it's a flow ::

Search Results for:

DLL Hijacking (KB 2269637) – the unofficial list

Exploit notes – win32 eggs-to-omelet

Cisco VoIP Phones – A Hackers Perspective

CTF

ROP Gadgets

How strong is your fu 2 – the report

corelanget

How strong is your fu : Hacking for charity

dropbox

Corelan Training

Donate

Corelan Team Merchandise

Corelan on Slack

Actions

Categories

Hi there!

We have good news for you!