Showing 24 results for: May 2012 ×

Putting Out the Flame

There's a lot of buzz going around in the security field about a big piece of malware, code named "Flame" or "Skywiper". Let's make some sense and try to extinguish the flame wars. There is an excellent paper that was...

Sakura Exploit Kit 1.1

Even though it's sometimes easy to forget that there are exploit kits other than BlackHole, other groups still strive for sales in the exploit kits market. So, while some of those toolkits are sophisticated enough to compete head-to-head with BlackHole,...

Connecting the Dots w/ PenTest Manager

We are evolving how the penetration testing industry reports vulnerabilities. Traditional PDF reports just don't work anymore, we need a way to easily query vulnerability data, track, export/import, and integrate into existing business processes. Beyond the obvious data usability issues,...

HULK vs. THOR - Application DoS Smackdown

SpiderLabs Research Team Contributions from: @jgrunzweig @ethackal @claudijd There was a new web server DoS tool released yesterday called HULK (Http Unbearable Load King). Here is a snippet from the blog page: In my line of work, I get to...

About me, myself and BeEF

Hello followers of SpiderLabs . I'm Michele "antisnatchor" Orru, a new Senior Spider that recently joined the Application Security team in EMEA (London). I love both writing and breaking code. That's why I particularly like source code analysis, debuggers and...

Too XXE For My Shirt

Until tonight, I'd never gotten a chance to try an xml external entity (XXE) attack. Earlier, I was updating XMLmao and XSSmh with the same interface improvements and custom blacklist features already present in SQLol. The idea, eventually, is to...

PHP-CGI Exploitation by Example

Late last week, a vulnerability in PHP-CGI was disclosed, which allows all sorts of bad for folks running PHP-CGI. It was met with lots of controversy and questions about how it was leaked before a patch was available. What we'll...

TWSL2012-004: Multiple Vulnerabilities in Zen Cart

The SpiderLabs team at Trustwave published a new advisory yesterday, which details multiple vulnerabilities identified in Zen Cart (version 1.5.0). These findings include two Local File Inclusion (LFI) vulnerabilities and a Cross-Site Scripting (XSS) in the installation scripts. All of...

TrustKeeper Scan Engine Update

Summary Hello, folks! First and foremost, this week's update includes vulnerability checks for three variants of the new PHP-CGI vulnerability, CVE-2012-1823 (at the moment, NVD/CVE hasn't been updated). To learn more about this vulnerability, please see our write-up on how...

THOTCON 0x3 - Hacker Brew Contest

This year's instantiation of the THOTCON hacking conference issued a unique challenge: "Brew a special beer for THOTCON and bring a bomber (22oz) with you to enter in the Hacker Brew contest - a special session at the end of Track 1. There will be a panel of judges including a BJCP National Judge, a judge from Half Acre and some prizes for the best hacker brews."

RedKit Payload - Binary Fun

This blog post focuses on a piece of malware utilized by the recently discovered RedKit exploit kit. Obfuscation techniques are focused on to discover the true purpose of the malware in use.