exploit windows xp | Corelan Cybersecurity Research - Part 3Corelan Cybersecurity Research

Search Results for: exploit windows xp

CSO : Common Sense Operator/Operations

Published June 3, 2014 |

As the CSO/CISO/person responsible for Information Security, your job is to… well … do you even know? Does upper management know? “Our crappy CSO …” and “Our stupid CSO …” are statements commonly used by various (techie) people, throwing their hands up in despair, attempting to prove that their CSO doesn’t understand technology and has […]

Posted in CSO | Tagged 178-79-152-9, attitude, bcp, business continiuty, ciso, coleran-team, common sense, corelan, cso, defense, disaster recovery, drp, emet, experience, mona-download, positive, priorities, protection, sla, user awareness

Happy 5th Birthday Corelan Team

Published March 3, 2014 |

By Peter Van Eeckhoutte (corelanc0d3r)

Table of ContentsIntroductionDiscounts (in alphabetical order):Hak5Hex-RaysMalformity LabsNetsparkerNo Starch PressPatervaRapid7SANSSecurity RootsSyngressYour name here ? Introduction Corelan Team was founded in September of 2009. Over the last few years, the team has written and published numerous tutorials on exploit development. We have created a series of tools and scripts, and worked with vendors/developers across the globe to […]

Posted in 001_Security | Tagged 2014, 5 years, community, corelan, coupon, discount, hak5, happy birthday, hex-rays, infosec, malformity labs, metasploit, netsparker, no starch press, party, paterva, rapid7, sansinstitute, securityroots, stephen sims, syngress

Metasploit Meterpreter and NAT

Published January 4, 2014 |

By Peter Van Eeckhoutte (corelanc0d3r)

Professional pentesters typically use a host that is connected directly to the internet, has a public IP address, and is not hindered by any firewalls or NAT devices to perform their audit. Hacking “naked” is considered to be the easiest way to perform a penetration test that involves getting shells back. Not everyone has the […]

Posted in Metasploit, Pentesting | Tagged how-to-hack-nat-metasploit, how-to-use-metasploit-over-internet, httpswww-corelan-beindex-php20140104metasploit-meterpreter-and-nat, kali-metasploit-bind-with-pdf, metasploit, metasploit-behind-nat, metasploit-exploits-xp-sp3, metasploit-over-the-internet-kali, metasploit-targets-my-router, meterpreter, meterpreter-workings, nat, pentesting, port forwarding, reverse connection, reverse nat, reverse_http, reverse_https, reverse_tcp, value-of-lhost-in-metasploit-from-behind-firewall

Zabbix SQL Injection/RCE – CVE-2013-5743

Published October 4, 2013 |

By Corelan Team (Lincoln)

Table of ContentsIntroductionDisclosure Timeline:Vendor DetailsVulnerability DetailsThe patch Leveraging SQL InjectionCool! We got Admin, now what?Code Execution Further Exploitation? Introduction First off, please do not throw a tomato at me since this is not the typical Windows binary exploit article that is posted on Corelan! During a recent a penetration test, I encountered a host running Zabbix, an […]

Posted in Pentesting, SQL Injection, Web Application Security | Tagged 3, 5743, 5743-views, burp, corelan-be-zabbix-2-0-8, cve-2013-5743, exploit-sql-injection-2013, facebook-sql-injection-2013, got-a-deauthentication, metasploit, pentest, putting-injuction-in-bobs-video-for-free-download, putting-injuction-on-bobs-video-for-download, python-sql-injection-pastebin, single-url-sqli-scanner-php-pastebin, sql injection, web application, zabbix, zabbix-2-0-8-code-execution, zabbix-sql-injector-gratis-download

Root Cause Analysis – Integer Overflows

Published July 2, 2013 |

By Corelan Team (Jason Kratzer)

Table of ContentsForewordIntroductionAnalyzing the Crash DataIdentifying the Cause of ExceptionPage heapInitial analysisReversing the Faulty FunctionDetermining ExploitabilityChallengesPrerequisitesHeap BasicsLookaside ListsFreelistsPreventative Security MeasuresSafe-UnlinkingHeap CookiesApplication Specific ExploitationThoughts on This AttackGeneric Exploitation MethodsLookaside List OverwriteOverviewApplication Specific TechniqueWhy Not?Brett Moore: Wrecking Freelist[0] Since 2005Freelist[0] Insert AttackOverviewApplication Specific TechniqueWhy Not?Freelist[0] Searching AttackOverviewApplication Specific TechniqueWhy Not?ConclusionRecommended Reading Foreword Over the past few years, […]

Posted in Exploit Writing Tutorials, Root Cause Analysis | Tagged !exploitable, determine exploitability, fake chunk, freelist, freelist[0] insert atttack, freelist[0] search atttack, fuzzing, fwptr, gom player, heap, heap overflow, heapbase, integer overflow, lal head, lookasidelist, mona.py, mp4, msec.dll, peach, qt, root cause analysis, windbg

BlackHatEU2013 – Day2 – Who’s really attacking your ICS devices ?

Published March 15, 2013 |

By Peter Van Eeckhoutte (corelanc0d3r)

Kyle Wilhoit, Threat researcher at Trend Micro, explains that he will provide an overview of ICS systems before looking at some interesting attacks at ICS systems. Concerns/Overview of ICS Security and Typical deployments ICS devices are used in production of virtually anything. They are used in water/gas/energy/automobile/manufacturing, etc. They are notoriously insecure in many ways. Software […]

Posted in Cons and Seminars | Tagged 2013, attack-in-ice-cream-sandwich, blackhat, blackhat europe, corelan, corelan-be, corelan-coder, dnp3, honeywall, how-to-perform-dos-attack-on-dnp3-network, ics, ICS devices, kyle wilhoit, modbus, nano, siemens, siemens-s7-1200-dnp3, snort-rules-php-backdoor-encryption, twitter-com-corelan-team, who-really-attacking-your

BlackHatEU2013 – Day2 – The Sandbox Roulette: Are you ready to ramble

Published March 15, 2013 |

By Peter Van Eeckhoutte (corelanc0d3r)

Good morning friends, I’d like to welcome you back on this second day of BlackHat Europe 2013. Day 1 has been pretty interesting, so let’s see how day 2 goes (especially after Rapid7 and IOActive parties last night). I think there is no better way of starting the second day at a conference with – […]

Posted in Cons and Seminars, Uncategorized | Tagged 2013, blackhat, blackhat europe, buffer zone pro, bug-the-sandbox, cve-2012-0217, day-2-the-sandbox-user, escape, ms11-087, MS12-042, rafal wojtczuk, rahul kashyap, sand-box-day-2, sandbox, sandboxie, smep-bypass, sysret.exe, the-sandbox-day-2, the-sandbox-user-created-day-2, windows-kernel-font-fuzzing

BlackHatEU2013 – Day1 – Practical Attacks against MDM solutions

Published March 14, 2013 |

By Peter Van Eeckhoutte (corelanc0d3r)

Good morning everyone, Welcome to BlackHat Europe 2013 ! As announced in my post a couple of days ago, I’ll try to post short write-ups about some of the talks right after the presentation has finished. All you have to do is keep an eye on my Twitter feed to see when a new post is […]

Posted in Cons and Seminars | Tagged 2013, a-practical-attackagainst-mdm-solutions, attacks-mdm-links, black-hat-2013-ios-spy, blackhat, blackhat europe, blackhat-europe-mobileiron, corelan, corelan-exploit, cydia-mdm, daniel brodie, daniel-brodie-practical-attacks-against-mdm, mdm, metasploit-mobileiron, michael shaulov, michael-shaulov-and-daniel-brodie, michael-shaulov-mrat, mobileiron-cydia, nessus-airwatch, rename-cydia-bypass-mdm

Black Hat Europe 2013 – Preview

Published March 10, 2013 |

By Peter Van Eeckhoutte (corelanc0d3r)

Hola dear friends, There’s only a few days left until Black Hat Europe 2013 opens its doors in the beautiful city of Amsterdam, the Netherlands. Just like past years, I’ll be covering some of the briefings (semi) live on www.corelan.be. I’ve you’re a speaker – I’ll be the dude in the front row, typing […]

Posted in Cons and Seminars | Tagged 2013, amsterdam, andy davis, appliances, ben williams, bill sempf, blackhat, briefings, daniel brodie, docking station, donata ferrante, europe, heap, ICS devices, krasnapolsky, kyle wilhoit, luigi auriemma, mdm, michael shaulov, nikita tarakanov, oleg kupreev, online games, rafal wojtczuk, rahul kashyap, sandbox, sessions, windows 8, zhenhua eric liu

Root Cause Analysis – Memory Corruption Vulnerabilities

Published February 26, 2013 |

By Corelan Team (Jason Kratzer)

Introduction For the past year or so I’ve spent a significant amount of time fuzzing various applications with the hopes of identifying exploitable crashes. Early on in my research I quickly realized that building fuzzers and generating large quantities of crashes, even for heavily targeted applications, was easy. However, determining the exploitability of these crashes, […]

Posted in Exploit Writing Tutorials, Exploits, Fuzzing, Root Cause Analysis | Tagged !exploitable, 4byte, arbitrary write, binary-editor, bitmap, corelan, corruption, determine, exploitability, freelist, fuzzing, heap, kmplayer, kmplayer-corelan-team, mona, msec, peach, pit, race condition, windbg

Corelan Cybersecurity Research

:: Knowledge is not an object, it's a flow ::

Search Results for: exploit windows xp

CSO : Common Sense Operator/Operations

Happy 5th Birthday Corelan Team

Metasploit Meterpreter and NAT

Zabbix SQL Injection/RCE – CVE-2013-5743

Root Cause Analysis – Integer Overflows

BlackHatEU2013 – Day2 – Who’s really attacking your ICS devices ?

BlackHatEU2013 – Day2 – The Sandbox Roulette: Are you ready to ramble

BlackHatEU2013 – Day1 – Practical Attacks against MDM solutions

Black Hat Europe 2013 – Preview

Root Cause Analysis – Memory Corruption Vulnerabilities

Corelan Training

Donate

Corelan Team Merchandise

Corelan on Slack

Actions

Categories

Hi there!

We have good news for you!