Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

[Secuinside CTF 2013] pwnme writeup

VNSECURITY - 18 Srpen, 2014 - 13:00
Challenge summary: Binary : http://war.secuinside.com/files/pwnme Source : http://war.secuinside.com/files/pwnme.c =================================== OS : Ubuntu 13.04 with PIE+ASLR+NX md5 of libc-2.17.so : 45be45152ad28841ddabc5c875f8e6e4 IP : 54.214.248.68 PORT : 8181,8282,8383 This is the only exploit challenge comes with source. The bug is simple: buffer overflow with only 16-bytes at pwnme.c:67, just enough to control EIP. The goal is to bypass PIE+ASLR+NX. We ...
Kategorie: Hacking & Security

[Secuinside CTF 2013]Trace Him Writeup

VNSECURITY - 18 Srpen, 2014 - 13:00
Description: IP : 59.9.131.155 port : 18562 (SSH) account :  control  / control porsche binary : http://war.secuinside.com/files/firmware data : http://war.secuinside.com/files/car.bin (To prevent meaningless waste of time on certain analysis, car.bin is open to public.) hint : root@ubuntu:~# uname -a Linux ubuntu 3.8.0-19-generic #29-Ubuntu SMP Wed Apr 17 18:19:42 UTC 2013 i686 i686 i686 GNU/Linux The evil group is running ...
Kategorie: Hacking & Security

Analysis of nginx 1.3.9/1.4.0 stack buffer overflow and x64 exploitation (CVE-2013-2028)

VNSECURITY - 18 Srpen, 2014 - 13:00
A few days after the release of nginx advisory (CVE-2013-2028), we managed to successfully exploit the vulnerability with a full control over the program flow. However, in order to make it more reliable and useful in real world environment, we still explored several program paths and found some other ...
Kategorie: Hacking & Security

CMarkup Use After Free Vulnerability – CVE-2012-4782

VNSECURITY - 18 Srpen, 2014 - 13:00
Latest M$ tuesday patch kill one of my 0day in Microsoft Internet Explorer 9/10. So I decided release Proof Of Concept code and writeup some analyze about this bug. Hope it helpful. Here is the PoC: [sourcecode language="html"] ...
Kategorie: Hacking & Security

Snatching The H@t

VNSECURITY - 18 Srpen, 2014 - 13:00
Nhận lời mời từ IDG, VNSecurity đồng ý đứng ra phối hợp tổ chức cuộc thi "Snatching the h@t" như một sự kiện trong khuôn khổ hội thảo CSO Asean năm 2012 với mong muốn giới thiệu và phát triển CTF như một hình thức học tập và thể hiện ...
Kategorie: Hacking & Security

[writeup] Hacklu 2012 – Challenge #12 – Donn Beach – (500)

VNSECURITY - 18 Srpen, 2014 - 13:00
The famous zombie researcher “Donn Beach” almost created an immunization against the dipsomanie virus. This severe disease leads to the inability to defend against Zombies, later causes a complete loss of memory and finally turns you into one of them. Inexplicably Donn forgot where he put the license key for his centrifuge. Provide him ...
Kategorie: Hacking & Security

[writeup] Hacklu 2012 – Challenge #6 – BrainGathering – (500)

VNSECURITY - 18 Srpen, 2014 - 13:00
I did not solve this during CTF and my mistake is not using IDA to decompile since it has some obfuscate. After CTF end, i use gdb to dump running process to binary file and analyze it again, try to finish it. gdb --pid [PID] gdb>info proc process 4660 gdb>shell cat /proc/4660/maps 08048000-0804a000 rwxp 00000000 08:03 7213513 gdb>dump ...
Kategorie: Hacking & Security

[writeup] Hacklu 2012 – Challenge #19 – Zombie Reminder – (200)

VNSECURITY - 18 Srpen, 2014 - 13:00
19 - Zombie Reminder Zombies love brains. But zombies forget, so they have a tool where they can enter the location of brains they found. In a heroic mission someone managed to obtain both the source code and the information that a critical file can be found at '/var/www/flag'. Your mission ...
Kategorie: Hacking & Security

Tor – Xác định các exit relay độc hại

VNSECURITY - 14 Srpen, 2014 - 23:30
1. Mở đầu Bài viết này là phần mô tả sơ lược và bình luận bài báo "Spoiled Onions: Exposing Malicious Tor Exit Relays"[1]. Tor exit relay là nút cuối dùng trong hành trình vận chuyển của các gói tin trọng mạng Tor, gói tin từ đây sẽ đi đến địa chỉ ...
Kategorie: Hacking & Security

[writeup] Hacklu 2012 – Challenge #13 – The Sandbox Terminal

VNSECURITY - 14 Srpen, 2014 - 18:30
Solved by w00d @ clgt Thanks g4mm4 for giving many suggestions and draft the first version of the exploit 13 - The Sandboxed Terminal (400) Since the zombie apocalypse started people did not stop to ask themselves how the whole thing began. An abandoned military base may lead to answers but after infiltrating ...
Kategorie: Hacking & Security

Lấy lời nhạc nhaccuatui.com

VNSECURITY - 5 Srpen, 2014 - 23:30
Nhaccuatui vừa nâng cấp trình chơi nhạc trên web của mình có thể hiển thị lời nhạc theo thời gian khá tốt. Bài viết này sẽ trình bày các bước để lấy lời nhạc đó và cung cấp một công cụ để thực hiện trong 1 cú enter ;) (*). Lấy ...
Kategorie: Hacking & Security

[writeup] Hacklu 2012 – Challenge #10 (500)

VNSECURITY - 3 Srpen, 2014 - 19:00
10 - zlotpy Gambling time. Play against the Internet Zlot Machine at ctf.fluxfingers.net tcp/2053 This challenge has two stages. 1) Medium: Investigate the contents of a saved game. 2) Hard: Get 8 (EIGHT) bonus points. Good luck! Hint: We have some sourcecode for you! https://ctf.fluxfingers.net/challenges/zlot.py At the first sight, we thought this challenge was ...
Kategorie: Hacking & Security

Alert Logic Adds Capabilities To Enhance Hybrid IT Security

DarkReading.com - 25 Březen, 2014 - 16:47
Announces upgraded versions of its Alert Logic Threat Manager and Alert Logic Web Security Manager solutions
Kategorie: Hacking & Security

Synopsys Completes Coverity Acquisition

DarkReading.com - 25 Březen, 2014 - 16:45
Companies intend to improve software quality and help ensure mission-critical applications are built to withstand increasing security threats
Kategorie: Hacking & Security

Parallels Survey Of IT Professionals Finds Macs Moving Beyond BYOD Phenomenon, Now Considered For Broader Corporate Deployment

DarkReading.com - 25 Březen, 2014 - 16:42
Macs are in high demand, and those who already support them shared the top reasons why
Kategorie: Hacking & Security

Microsoft Outlook Users Face Zero-Day Attack

DarkReading.com - 25 Březen, 2014 - 16:31
Simply previewing maliciously crafted RTF documents in Outlook triggers exploit of bug present in Windows and Mac versions of Word, Microsoft warns
Kategorie: Hacking & Security

Secure Domain Foundation Launches; Will Serve As Forum For DNS Security Data Exchange

DarkReading.com - 25 Březen, 2014 - 12:48
New Secure Domain Foundation will facilitate security information sharing among Internet domain registrars
Kategorie: Hacking & Security

New Malwarebytes Technology Proactively Protects PCs From Advanced Stealthy Malware

DarkReading.com - 24 Březen, 2014 - 20:28
Malwarebytes Anti-Malware Premium will support XP users for life
Kategorie: Hacking & Security

Windows XP: Feds Brace For End Of Support

DarkReading.com - 24 Březen, 2014 - 17:41
Roughly one in 10 U.S. government PCs still use Windows XP. They will be more vulnerable to attacks when XP support ends on April 8
Kategorie: Hacking & Security

Former NSA And Google Engineers Launch A New And More Secure Disconnect Search

DarkReading.com - 24 Březen, 2014 - 17:38
Disconnect Search protects users’ privacy in four ways
Kategorie: Hacking & Security
Syndikovat obsah