Showing 7 results for: 2014 ×Tools ×

Alina POS malware "sparks" off a new variant

Alina is a well-documented family of malware used to scrape Credit Card (CC) data from Point of Sale (POS) software. We published a series of in-depth write-ups on the capabilities Alina possesses as well as the progression of the versions....

Cracking IKE Mission:Improbable (Part3)

Introduction As discussed in parts 1 and 2 of this series, the most common VPN endpoints (responders) found supporting Aggressive Mode negotiation are Cisco devices. However, they are also almost always supported by a second factor authentication mechanism known as...

Responder 2.0 - Owning Windows Networks part 3

Introduction: The power and flexibility of Responder has grown significantly over the past year. Responder is a powerful and easy-to-use tool for penetration testers looking to highlight and exploit weaknesses in a number of popular default network configurations. In this...

CVE-2014-0050: Exploit with Boundaries, Loops without Boundaries

In this article I will discuss CVE-2014-0050: Apache Commons FileUpload and Apache Tomcat Denial-of-Service in detail. The article reviews the vulnerability's technical aspects in depth and includes recommendations that can help administrators defend from future exploitation of this security issue....