Posted by Trancer on Sep 20 2010

In the January OWASP Israel meeting I gave a presentation on new and advanced Heap Spraying techniques. It's about time I published it.

In the presentation I demonstrated two new techniques, Bitmap Heap Spraying and Silverlight Heap Spraying, which I'll publish here later this week along with a few other new techniques, so stay tuned; it'll be fun.

You can view the presentation online on Google Docs or you can download the slides here – Advanced Heap Spraying Techniques or from OWASP Israel.

Categories: Exploitation, Presentations


Posted by Trancer on Jan 22 2010

Hello everyone. If you're into exploit development, or new to it and want to learn how it's done, here's a series of tutorials by Peter Van Eeckhoutte (a.k.a. corelanc0d3r) that I strongly recommend; it will give you solid knowledge in exploit writing.
Today Peter published the latest addition to his exploit writing tutorials, on Win32 Egg Hunting. Check it out:

Enjoy the reading!

Categories: Exploitation


Posted by Trancer on Dec 17 2009

Hello everyone,
I'd like to recommend a new, free online course from the great guys at Offensive Security, the creators of the BackTrack Linux distribution.

The Metasploit Unleashed – Mastering the Framework online course will give you a solid knowledge base for working with the Metasploit Framework, from simple things such as launching an exploit to post-exploitation, Meterpreter scripting and more.

But the greatest thing about this course is its main purpose, which is to promote awareness and raise funds for underprivileged children in East Africa. So if you enjoy the course and find it useful, please make a donation to Hackers For Charity.

Categories: Exploitation, Metasploit


Posted by Trancer on Jun 03 2009

Here's a new, shiny mixin I wrote for the Metasploit Framework: the Java Compilation mixin.
Its purpose is to put Metasploit to work writing and compiling Java code on the fly.
The mixin's main use is to write, compile and embed Java code (Java applets) in HTML pages, mainly for exploit and auxiliary modules targeting vulnerabilities in the JRE/JVM.
It can also be used for building fuzzers and other testing tools for the JRE/JVM.

Code:
javacompile.rb.

Installation:
Place the mixin in the following path:
\msf3\lib\msf\core\exploit

Include the mixin in the \msf3\lib\msf\core\exploit.rb file:
# JavaCompile
require 'msf/core/exploit/javacompile'

Using the mixin in exploit and auxiliary modules:
include Msf::Exploit::JAVACOMPILE

The mixin requires a JDK to be installed; get it from Sun.

Usage:
OUTPUTPATH defines the working directory (where the files will be created).

java_compile(filename, data) compiles Java code: filename sets both the file name and the public class name, and data holds the Java source.

java_clean(filename) cleans the working directory: filename names the file whose .java and .class files are deleted from the working directory.

Demonstration:
The following "exploit" module demonstrates the Java compilation mixin by calling a simple Java applet (displaying "Hello World") from an HTML page:
java_hello.rb (See comments in the code).
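As an added example (not the mixin's own code, which is not shown on this page), here is a stand-alone Ruby sketch of what the three pieces of the interface above do: a working directory standing in for OUTPUTPATH, a java_compile(filename, data) that writes the source and runs javac, a java_clean(filename) that removes the .java/.class pair, plus a helper that emits the applet HTML the way the Hello World demo page would. The module name JavaCompileDemo, the applet_html and valid_name? helpers, and the class-name check (so a module-supplied filename cannot escape the working directory) are my assumptions; compiling for real needs javac on PATH, otherwise java_compile returns nil.

```ruby
require 'fileutils'
require 'tmpdir'
require 'open3'

# Hypothetical stand-alone re-implementation of the mixin's described
# interface. Not the mixin's code; its internals are not on the page.
module JavaCompileDemo
  # Working directory; the real mixin takes this from OUTPUTPATH.
  OUTPUTPATH = File.join(Dir.tmpdir, 'javacompile_demo')

  module_function

  # Only accept a plain Java identifier: the name becomes both a file name
  # and the public class name, so "../x" or "a b" must be rejected.
  def valid_name?(filename)
    filename =~ /\A[A-Za-z_$][A-Za-z0-9_$]*\z/ ? true : false
  end

  # Write data to <OUTPUTPATH>/<filename>.java and run javac on it.
  # Returns the path of the produced .class file, or nil on failure.
  # As with the mixin, the public class in data must be named <filename>.
  def java_compile(filename, data)
    raise ArgumentError, "bad class name: #{filename.inspect}" unless valid_name?(filename)
    FileUtils.mkdir_p(OUTPUTPATH)
    src = File.join(OUTPUTPATH, "#{filename}.java")
    File.write(src, data)
    _out, err, status = Open3.capture3('javac', '-d', OUTPUTPATH, src)
    unless status.success?
      warn "javac failed: #{err}"
      return nil
    end
    File.join(OUTPUTPATH, "#{filename}.class")
  rescue Errno::ENOENT
    warn 'javac not found; a JDK must be installed'
    nil
  end

  # Remove <filename>.java and <filename>.class from the working directory.
  # Returns the list of paths actually deleted.
  def java_clean(filename)
    raise ArgumentError, "bad class name: #{filename.inspect}" unless valid_name?(filename)
    %w[java class].map { |ext| File.join(OUTPUTPATH, "#{filename}.#{ext}") }
                  .select { |p| File.exist?(p) }
                  .each { |p| File.delete(p) }
  end

  # HTML page that loads the compiled applet from the same directory as
  # the page (codebase "."), so the .class file is served next to the HTML.
  def applet_html(class_name, width: 300, height: 100)
    <<~HTML
      <html><body>
      <applet code="#{class_name}.class" codebase="." width="#{width}" height="#{height}"></applet>
      </body></html>
    HTML
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample applet, the "Hello World" of the demo module.
  src = <<~JAVA
    import java.applet.Applet;
    import java.awt.Graphics;
    public class HelloApplet extends Applet {
      public void paint(Graphics g) { g.drawString("Hello World", 20, 40); }
    }
  JAVA
  cls = JavaCompileDemo.java_compile('HelloApplet', src)
  puts(cls ? "compiled: #{cls}" : 'compile failed')
  puts JavaCompileDemo.applet_html('HelloApplet')
  puts "removed: #{JavaCompileDemo.java_clean('HelloApplet').inspect}"
end
```

Run it with a JDK on PATH and it writes HelloApplet.java, compiles it, prints the applet page and then cleans both files up; without javac the compile step reports the missing JDK and returns nil, which is the condition a module should check before embedding the class name in a page.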

This mixin is still at an early stage and will be modified and improved over time; any feedback and suggestions are welcome.
Cool exploits soon to follow :-)

Categories: Exploitation, Metasploit