| Real Name | James F |
|---|---|
| Email address | private |
| First Active | 2003-02-24 |
| Last Active | 2018-01-15 |
The process of setting up and using dnscat2 is documented in this article. The tool consists of a Ruby server and a small C client, and can be used to quickly establish an encrypted covert channel between two computers over the Internet using DNS traffic. Once set up, the tool is evaluated by exfiltrating data out of a network that has a pfSense firewall at the perimeter blocking direct outbound DNS requests from client machines, and also running the Snort IDS. It is is seen that a reverse shell is successfully sent out of the network and no IDS alerts are generated.
4238ee78d79a92d53a74e413f3b6b4a75832717841a62f159d535e7323fd9e66This article presents a cross-platform test harness written in Python that assists the user in searching for vulnerabilities in web browsers, specifically by fuzzing their font parsing functionality. The tool automates the delivery of test cases (font files in this context) into a web browser. The creation of a corpus of mutated TTF font files suitable for use in fuzzing is also covered.
c8318c528d7e608b8d2215bee4998862b6f54b96d2c952d42a31f344c81b6f0dSide channel attacks against cryptographic systems involve identifying ways in which their physical implementations leak useful information. A cryptographic algorithm may be secure on paper but when implemented on physical hardware some of the secret data, such as key bits, may potentially be recovered by an attacker by measuring various physical properties whilst encryption or decryption is being performed. This essay reviews the most successful countermeasures that can be used to make different classes of side channel attacks as difficult as possible. An understanding of basic principles of cryptography is assumed.
291a3d1be421c2c85288ddda1845bef8abe134544fe137f42cec5bfcdd6661a4This paper reviews fuzzing and its context within the field of information security research. We firstly examine how vulnerabilities come to exist in software and how security researchers find them. After a brief overview of common vulnerability types and methods of static analysis, we look in more depth at the field of fuzzing. Competing approaches to fuzzing are examined, from simple random inputs all the way to using genetic algorithms and taint analysis. The importance of measuring code coverage to evaluate the completeness of a fuzzing campaign is examined. Finally, previous work on fuzz testing of web browsers is reviewed.
847622b4537e1334fad9504003ab57fb51baf3575e0822fba4b6117eb8be63d2This essay takes a look at a selection of network anonymity systems including VPNs, Tor, Freenet and I2P. The different systems are explained and then compared and contrasted with each other. A number of issues are considered for each system including ease of use, popularity, strength of anonymity provided, and potential attacks on the system.
a4e13aeaa32d0f23f46e8a5422c6a62f47a566f7de1f2f87f6b1a2306e58ba82This paper investigates combining Misuse and Anomaly based IDS into one system. Misuse detection consists of defining malicious network traffic and monitoring for it. Anomaly detection consists of defining normal or typical network traffic and then detecting anything else. The perl source code for a prototype NIDS is included (requires TCPDump).
11979759e8cc51327726d9093cf27a33ea30c7326a3a1af9c7df46940e61c1fc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed