Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 12:06:16 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1567226078&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Fhitb05%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1567226078.1338206776.1338206776.1338206776.1%3B%2B__utmz%3D32867617.1338206776.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/40595/Keynote-Tony-Chor-IE-Security-Past-Present-and-Future.ppt http://packetstormsecurity.org/files/40595/Keynote-Tony-Chor-IE-Security-Past-Present-and-Future.ppt http://packetstormsecurity.org/files/40595/Keynote-Tony-Chor-IE-Security-Past-Present-and-Future.ppt.html Wed, 12 Oct 2005 07:16:41 GMT IE Security - Past, Present and Future. Tony Chor outlines the threats to secure browsing, discuss Microsoft's response with Internet Explorer for Windows XP SP2, and details the implementation of safety features in the upcoming Internet Explorer 7.0, such as the Phishing Filter and Protected Mode (the feature formerly known as Low Rights IE). http://packetstormsecurity.org/files/40596/TT-Roelof-Temmingh-State-of-the-art.ppt http://packetstormsecurity.org/files/40596/TT-Roelof-Temmingh-State-of-the-art.ppt http://packetstormsecurity.org/files/40596/TT-Roelof-Temmingh-State-of-the-art.ppt.html Wed, 12 Oct 2005 07:14:31 GMT Assessing Server Security - State of the Art. The talk takes into consideration the progress that has been made in web server security over the last few years, and the progress that has been made in attacking web servers over the same time. The paper visits the new vulnerabilities introduced by web applications and discuss the thinking applied to discover such vulnerabilities. It finally describes the state of the art of web server scanning technology. http://packetstormsecurity.org/files/40597/TT-San-Hacking-Windows-CE.ppt http://packetstormsecurity.org/files/40597/TT-San-Hacking-Windows-CE.ppt http://packetstormsecurity.org/files/40597/TT-San-Hacking-Windows-CE.ppt.html Wed, 12 Oct 2005 07:14:31 GMT Hacking Windows CE - This paper shows a buffer overflow exploitation example in Windows CE. It covers knowledge about the ARM architecture, memory management and the features of processes and threads of Windows CE. It also shows how to write a shellcode in Windows CE including knowledge about decoding shellcode of Windows CE. http://packetstormsecurity.org/files/40593/HITB.gif http://packetstormsecurity.org/files/40593/HITB.gif http://packetstormsecurity.org/files/40593/HITB.gif.html Tue, 11 Oct 2005 05:37:07 GMT Conference Graphic http://packetstormsecurity.org/files/40579/Keynote-Mikko-Hypponen-Mobile-Malware.pdf http://packetstormsecurity.org/files/40579/Keynote-Mikko-Hypponen-Mobile-Malware.pdf http://packetstormsecurity.org/files/40579/Keynote-Mikko-Hypponen-Mobile-Malware.pdf.html Tue, 11 Oct 2005 05:31:03 GMT Mobile Malware - How exactly do mobile viruses work? We'll have a look at their code and discuss what factors affect their spreading speeds. Virus writers have always been trying to attack new platforms. What draws them now towards the mobile phone? Are phones as a platform simply widespread enough, or is the possibility of making easy money via phone billing systems driving this development? Where are we now and what can we expect to see in the Mobile Malware of the future? http://packetstormsecurity.org/files/40580/TT-Dave-Aitel-Nematodes.sxi http://packetstormsecurity.org/files/40580/TT-Dave-Aitel-Nematodes.sxi http://packetstormsecurity.org/files/40580/TT-Dave-Aitel-Nematodes.sxi.html Tue, 11 Oct 2005 05:30:55 GMT Nematodes (Beneficial Worms) - This presentation presents concepts for taking expoitation frameworks into the next evolution: solving complex security problems by generating robustly controllable beneficial worms. The Why, How, and What of Nematode creation are discussed, along with some concepts in Mesh routing. Problems discussed include legal issues, controlling your worm, writing an intermediate language, the Nematode Intermediate Language (NIL) for writing robust worms, reliability problems, commications protocols, and future work. http://packetstormsecurity.org/files/40581/TT-Fyodor-Yarochkin-Meder-Kydyraliev-STIFware-Evolution.ppt http://packetstormsecurity.org/files/40581/TT-Fyodor-Yarochkin-Meder-Kydyraliev-STIFware-Evolution.ppt http://packetstormsecurity.org/files/40581/TT-Fyodor-Yarochkin-Meder-Kydyraliev-STIFware-Evolution.ppt.html Tue, 11 Oct 2005 05:30:55 GMT STIFWare Evolution - Meder and Fyodor have been working on their concept of common framework to unify offensive part of heterogeneous security data and security tools into a single unit - security tools framework. The presentation deals with the evolution of STIF framework into what they call now STIF-ware - a set of STIF relevant modules that would allow the computer security hobbists to build, control and monitor the distributed network of automated hacking agents, guided by set of goals and targets, assigned to the system. http://packetstormsecurity.org/files/40582/TT-Jim-Geovedi-Hotspot-Security.pdf http://packetstormsecurity.org/files/40582/TT-Jim-Geovedi-Hotspot-Security.pdf http://packetstormsecurity.org/files/40582/TT-Jim-Geovedi-Hotspot-Security.pdf.html Tue, 11 Oct 2005 05:30:55 GMT Hotspot Security - This presentation covers the basic approach behind Wi-Fi hotspot security design and architecture. During the presentation, vulnerabilities and methods for exploiting Wi-Fi hotspots were shown. http://packetstormsecurity.org/files/40583/TT-Joanna-Rutkowska-HITB-Virginity-Verifier.ppt http://packetstormsecurity.org/files/40583/TT-Joanna-Rutkowska-HITB-Virginity-Verifier.ppt http://packetstormsecurity.org/files/40583/TT-Joanna-Rutkowska-HITB-Virginity-Verifier.ppt.html Tue, 11 Oct 2005 05:30:55 GMT Virginity Verifier - The presentation aims towards defining a detailed list of vital operating system parts as well as a methodology for malware detection. The list will start on such basic levels as actions needed for file system and registry integrity verification, go through user-mode memory validating (detecting additional processes, hooked DLLs, injected threads, etc) and finally end on such advanced topics as defining vital kernel parts which can be altered by modern rootkit-based malware (with techniques like Raw IRP hooking, various DKOM based manipulations or VMM cheating) http://packetstormsecurity.org/files/40584/TT-Jose-Nazario-Analyzing-all-that-data.pdf http://packetstormsecurity.org/files/40584/TT-Jose-Nazario-Analyzing-all-that-data.pdf http://packetstormsecurity.org/files/40584/TT-Jose-Nazario-Analyzing-all-that-data.pdf.html Tue, 11 Oct 2005 05:30:55 GMT Analysing All That Data - This presentation will introduce you to a number of techniques for making sense of large collections of data, including sorting and clustering techniques, fuzzy matching, and trend analysis. These techniques have applicability in numerous applications, such as mail filtering and network event analysis. http://packetstormsecurity.org/files/40585/TT-Marc-Schoenefeld-Secure-Java-Programming.zip http://packetstormsecurity.org/files/40585/TT-Marc-Schoenefeld-Secure-Java-Programming.zip http://packetstormsecurity.org/files/40585/TT-Marc-Schoenefeld-Secure-Java-Programming.zip.html Tue, 11 Oct 2005 05:30:55 GMT Secure Java Programming - The talk is about the causes and effects of coding errors and the techniques to detect them, demonstrated with findings in the current Sun JDK. http://packetstormsecurity.org/files/40586/TT-Nish-Bhalla-Defects-Overview.pdf http://packetstormsecurity.org/files/40586/TT-Nish-Bhalla-Defects-Overview.pdf http://packetstormsecurity.org/files/40586/TT-Nish-Bhalla-Defects-Overview.pdf.html Tue, 11 Oct 2005 05:30:55 GMT Analyzing Code for Security Defects - Reviewing code to find vulnerabilities is becoming more and more common. Reviewing code is not only useful from a developers point of view but also from an attacker's point of view. The talk covers the basics of threat analysis, how to assess threats and what are some of the vulnerabilities that could exists in code when performing code reviews for large code bases. http://packetstormsecurity.org/files/40587/TT-Shreeraj-Shah-Webhacking-Kungfu.pdf http://packetstormsecurity.org/files/40587/TT-Shreeraj-Shah-Webhacking-Kungfu.pdf http://packetstormsecurity.org/files/40587/TT-Shreeraj-Shah-Webhacking-Kungfu.pdf.html Tue, 11 Oct 2005 05:30:55 GMT Web Hacking Kung-Fu and Art of Defense - Web attacks are on the rise and new methods of hacking are evolving. This presentation covers the new methodologies for web application footprinting, discovery and information gathering with a new range of tools. http://packetstormsecurity.org/files/40588/TT-The-Grugq-VoIPPhreaking.ppt http://packetstormsecurity.org/files/40588/TT-The-Grugq-VoIPPhreaking.ppt http://packetstormsecurity.org/files/40588/TT-The-Grugq-VoIPPhreaking.ppt.html Tue, 11 Oct 2005 05:30:55 GMT VoIPhreaking: How to make free phone calls and influence people This talk explores the technologies behind VoIP infrastructures, focusing on their weaknesses and faults. LIVE DEMOS were conducted to help illustrate that attacks which violate VoIP system security are not only practical, but are already here. The era of VoIPhreaking has begun. http://packetstormsecurity.org/files/40589/BT-Anthony-Zboralski-Social-Engineering.pdf http://packetstormsecurity.org/files/40589/BT-Anthony-Zboralski-Social-Engineering.pdf http://packetstormsecurity.org/files/40589/BT-Anthony-Zboralski-Social-Engineering.pdf.html Tue, 11 Oct 2005 05:30:49 GMT Social Engineering Fundamentals - In today's world confidence scams present quite possibly the highest threat to security with in the business world. Control of information, withholding and leaking, can lead to massive failures and losses depending on how skilled the attacker may be. In combination with disinformation and propaganda, social engineering can as fatal as or even lead to loss of customer and shareholder confidence. http://packetstormsecurity.org/files/40590/BT-Fabrice-Marie-Hacking-Internet-Banking-Applications.pdf http://packetstormsecurity.org/files/40590/BT-Fabrice-Marie-Hacking-Internet-Banking-Applications.pdf http://packetstormsecurity.org/files/40590/BT-Fabrice-Marie-Hacking-Internet-Banking-Applications.pdf.html Tue, 11 Oct 2005 05:30:49 GMT Hacking Internet Banking Applications - This presentation highlights the solutions to some of the challenges the banks will face online to ensure that their data handling practices are compliant with their country's privacy regulations and banking regulations among others. http://packetstormsecurity.org/files/40591/BT-Raoul-Chiesa-X25-Security.pdf http://packetstormsecurity.org/files/40591/BT-Raoul-Chiesa-X25-Security.pdf http://packetstormsecurity.org/files/40591/BT-Raoul-Chiesa-X25-Security.pdf.html Tue, 11 Oct 2005 05:30:49 GMT x.25 Security - The presentation focuses on X.25 security issues, positioned in present day context and problems. The main intention is to bring personal and professional know-how, background and X.25 penetration testing experiences to the auditorium, with real-life case studies. http://packetstormsecurity.org/files/40594/BT-Roberto-Preatoni-Fabio-Ghioni-Corp-vs-Corp.ppt http://packetstormsecurity.org/files/40594/BT-Roberto-Preatoni-Fabio-Ghioni-Corp-vs-Corp.ppt http://packetstormsecurity.org/files/40594/BT-Roberto-Preatoni-Fabio-Ghioni-Corp-vs-Corp.ppt.html Tue, 11 Oct 2005 05:30:49 GMT Corp vs Corp - An impressionistic overview of what makes the difference today and in the future (in the digital playground) in the balance of power between economic and military powers. The presentation covers a description of the business behind espionage worldwide as well as the asymmetric organizations that are the real master of puppets. http://packetstormsecurity.org/files/40592/BT-Tim-Pritlove-Blinkenlights-Arcade-Project.pdf http://packetstormsecurity.org/files/40592/BT-Tim-Pritlove-Blinkenlights-Arcade-Project.pdf http://packetstormsecurity.org/files/40592/BT-Tim-Pritlove-Blinkenlights-Arcade-Project.pdf.html Tue, 11 Oct 2005 05:30:49 GMT Project Blinkenlights - A presentation covering the Blinkenlights light installation in Berlin, Germany and the Arcade project in Paris, France.