Search Results for: debug ike
Exploit writing tutorial part 8 : Win32 Egg Hunting
Introduction Easter is still far away, so this is probably the right time to talk about ways to hunting for eggs (so you would be prepared when the easter bunny brings you another 0day vulnerability) In the first parts of this exploit writing tutorial series, we have talked about stack based overflows and how they […]
Exploit writing tutorial part 7 : Unicode – from 0x00410041 to calc
Finally … after spending a couple of weeks working on unicode and unicode exploits, I’m glad and happy to be able to release this next article in my basic exploit writing series : writing exploits for stack based unicode buffer overflows (wow – that’s a mouthful). You may (or may not) have encountered a situation […]
Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR
Introduction In all previous tutorials in this Exploit writing tutorial series, we have looked at building exploits that would work on Windows XP / 2003 server. The success of all of these exploits (whether they are based on direct ret overwrite or exception handler structure overwrites) are based on the fact that a reliable return […]
Exploit writing tutorial part 3 : SEH Based Exploits
In the first 2 parts of the exploit writing tutorial series, I have discussed how a classic stack buffer overflow works and how you can build a reliable exploit by using various techniques to jump to the shellcode. The example we have used allowed us to directly overwrite EIP and we had a pretty large […]
Exploit writing tutorial part 1 : Stack Based Overflows
Last friday (july 17th 2009), somebody (nick)named ‘Crazy_Hacker’ has reported a vulnerability in Easy RM to MP3 Conversion Utility (on XP SP2 En), via packetstormsecurity.org. (see http://packetstormsecurity.org/0907-exploits/). The vulnerability report included a proof of concept exploit (which, by the way, failed to work on my MS Virtual PC based XP SP3 En). Another exploit was […]
Spread the word ! nmap 5 released
Insecure.org has released a new major version of the free, open source “nmap” security scanner. (Don’t just call nmap a port scanner – Thanks to many improvements over the last years, nmap has become an excellent security scanner). Visit http://nmap.org/5/ for more information about this new version. Although there are roughly 600 updates in this […]
Juniper : Netscreen Remote Dial-UP VPN with AD Radius Authentication and route based VPN / tunnel interface
The following procedure explains how to set up a Juniper ScreenOS based firewall to accept Netscreen Remote Client VPN connections and authenticate users using Active Directory (Radius via Windows 2003 IAS or Windows 2008 NPS). We’ll assume that all traffic to from the client to the 192.168.0.0/16 networks needs to pass via the client VPN […]
Windows XP L2TP over IPSec dialup client VPN to a Juniper ScreenOS firewall, using Certificates
Before looking at the various configuration steps, we’ll have to take the following assumptions into account : – We don’t want to use the Netscreen Remote client, but we want to use the Windows XP built-in dialup VPN technology that allows us to build PPTP or L2TP/IPSec connections. Juniper screenOS does not support PPTP (which […]
Using Fedora 9 as an OSPF / BGP router (Quagga / Zebra) and set up BGP between Linux and Juniper ScreenOS
In this post, I’m going to show you how to set up a Linux host (Fedora Core 9) and use it as a BGP enabled router. In order to fully understand the setup & configuration, please have a look at this blog post first, because I’ll use the setup in that post as a foundation […]
Juniper ScreenOS BGP Basics : a simple iBGP test case
As explained in one of my earlier posts, ScreenOS supports a couple of ways to provide for dynamic routing. Today, I’m going to explain some basic implementations of BGP on ScreenOS. Unlike my post on OSPF, I won’t be going too much into all the details of what BGP is and how it works, but […]
Donate
Your donation will help funding server hosting.
