
New Hakin9 Exploiting Software 01/2012 Is Out !




Starting to Write Your Own Linux Shellcode

By Craig Wright
We have seen more and more people become reliant on tools such as Metasploit in the last decade. The ability to use these tools has empowered many and has created a rise in the number of people who can research software vulnerabilities. It has created more security professionals who can not only scan a target for vulnerabilities using a tool such as Nessus, but who can complete tests involving system exploitation and hence validate the results presented to them by a scanner. But this ends when a new application with unexpected calls or controls is found. What do we do when presented with a special case?
This makes it extremely difficult for signature-based systems to stop or detect shellcode created for a specific purpose, and hence more likely that the tester will succeed in testing the vulnerability without other controls interfering. If we remain at this level, we will stop the lower-level attacker but fail to stop more sophisticated attacks.
You will learn how to write your own shellcode, how to fix all the nulls and how to validate your shellcode.

Buffer Overflow Exploitation A to Z (Part 1)

By Praful Agarwal aka Sbeztt
Let us understand the program. The program starts with the declaration of a variable buffer with a storage capacity of 8 characters, followed by a string to be printed to the user: "Please give input". Then the user is expected to enter some characters, and the program displays those characters back to the user. Finally, a string is printed stating "This is the Normal Working of the Program". As you can see, the last three lines of the program are coded to display the string "I am not called" to the user, but as that function is never called by the main function, it will not appear on screen. Wait for the magical powers of Buffer Overflow Exploitation, as the author takes you through. From the first part of Buffer Overflow Exploitation you will see how the memory gets corrupted with the heavy data, and you will learn stack-based buffer overflow exploitation.

Anatomy of the Black Hole Exploit Kit
By Abhijeet Hatekar
The Black Hole exploit kit made a huge impression in 2011 by compromising a large user base across the world. Considering the number of affected victims, it has successfully entered the league of deadly exploit kits like Neosploit and Phoenix.
Like much other powerful malware, Black Hole is developed and maintained from Russia. V1.0 Beta is believed to be the first instance of this predator kind and was available for a $1500/annum subscription. It can also be licensed semi-annually for $1000 and quarterly for $700. Black Hole keeps track of visitor IP addresses and tries to exploit each one only once. If the same IP address tries to connect to the C&C server again, a 404 Not Found page is returned. This makes analysis a little harder than usual.
Abhijeet will show the anatomy of the infamous Black Hole exploit kit, followed by a case study explaining the attack flow. You will learn what the three exploits used in Black Hole are.

How to Recover Passwords from a Memory Dump
By Daniel Dieterle
Malware analysis is an amazing field. To be able to grab a memory dump from a live machine and then have the capabilities to pull useful information from it just amazes the author. Can we find pertinent system settings, and even pull information from them? Were you ever curious about what could be done with a memory dump of an active computer? This article is a short demonstration of how to acquire a memory dump from a running system, and then how to use tools to not only recover the system password hashes from the memory dump, but also how to decode them.

The Gentoo Hardened Project: Or How to Minimize Exploit Risks
By Jesus Rivero
Gentoo's approach to Linux is evidenced in its Philosophy, from which it derives the fact that optimization, flexibility and choice are the keystones of the distribution. Gentoo gives users the tools they need to shape their Gentoo installation to their liking, all while building and compiling software specifically for their hardware architecture, not relying on pre-built binaries compiled by someone else. That is one of the reasons why you will hear users and developers say that Gentoo is a "meta-distribution": the distribution provides exciting tools that allow users, starting from the same base system, to build highly secure servers, neat desktops, embedded solutions or even a special VDR system. Jesus will show you how to install a Gentoo Hardened system, how to choose the right profile and kernel, and what the major caveats and potential problems are.

Hacking Applets: A Reverse Engineering Approach
By Ronnie Johndas and Nilesh Kumar
Ronnie and Nilesh will discuss a technique that can be used to modify an applet's Java byte code without having to recompile the applet. They will show the process of reverse engineering an applet which does not have any kind of code obfuscation, string encryption or other code protection techniques employed. You will learn how to patch byte code and perform other kinds of manipulation in the Java class files of the applet. We will also see how to get a signed applet to run in a standalone manner.
