Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 13:04:16 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1709432003&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Fpapers%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1709432003.1338210256.1338210256.1338210256.1%3B%2B__utmz%3D32867617.1338210256.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/113065/ekoparty8-cfp.txt http://packetstormsecurity.org/files/113065/ekoparty8-cfp.txt http://packetstormsecurity.org/files/113065/Ekoparty-8-Call-For-Papers.html Sun, 27 May 2012 18:57:15 GMT Call For Papers for the 8th edition of the Ekoparty Security Conference being held from September 17th through the 21st, 2012, in Latin America. http://packetstormsecurity.org/files/113042/grehack2012-cfp.txt http://packetstormsecurity.org/files/113042/grehack2012-cfp.txt http://packetstormsecurity.org/files/113042/GreHack-2012-Call-For-Papers.html Fri, 25 May 2012 20:39:27 GMT The GreHack 2012 Call For Papers has been announced. It will be held in Grenoble, France on October 19th, 2012. http://packetstormsecurity.org/files/113038/Hacktivity2012-CFP.txt http://packetstormsecurity.org/files/113038/Hacktivity2012-CFP.txt http://packetstormsecurity.org/files/113038/Hacktivity-2012-Call-For-Papers.html Fri, 25 May 2012 20:27:45 GMT The Hacktivity 2012 Call For Papers has been announced. It will be held from October 12th through the 13th, 2012 in Budapest, Hungary. http://packetstormsecurity.org/files/113011/uncovering-zerodays-and-advanced-fuzzing.tgz http://packetstormsecurity.org/files/113011/uncovering-zerodays-and-advanced-fuzzing.tgz http://packetstormsecurity.org/files/113011/Uncovering-ZeroDays-And-Advanced-Fuzzing.html Thu, 24 May 2012 15:17:55 GMT This is a presentation called Uncovering ZeroDays and Advanced Fuzzing. It has one PDF of the presentation and one of the full script used during the presentation. This was presented at AthCon 2012. http://packetstormsecurity.org/files/112992/draft-gont-opsec-dhcpv6-shield-00.txt http://packetstormsecurity.org/files/112992/draft-gont-opsec-dhcpv6-shield-00.txt http://packetstormsecurity.org/files/112992/DHCPv6-Shield-Protecting-Against-Rogue-DHCPv6-Servers.html Wed, 23 May 2012 17:22:22 GMT This document specifies a mechanism for protecting hosts connected to a broadcast network against rogue DHCPv6 servers. The aforementioned mechanism is based on DHCPv6 packet-filtering at the layer-2 device on which the packets are received. The aforementioned mechanism has been widely deployed in IPv4 networks ('DHCP snooping'), and hence it is desirable that similar functionality be provided for IPv6 networks. http://packetstormsecurity.org/files/112965/Failure_to_restrict_access_tool.pdf http://packetstormsecurity.org/files/112965/Failure_to_restrict_access_tool.pdf http://packetstormsecurity.org/files/112965/Failure-To-Restrict-Access.html Wed, 23 May 2012 02:33:16 GMT This is a brief whitepaper discussing methods of validating a lack of access restriction for various pages on sites. It discusses everything from visual viewing and comparison between cookies used and using an implementation of the Damerau-Levensthein model. They also have a tool for download. http://packetstormsecurity.org/files/112887/RDP_exploit.pdf http://packetstormsecurity.org/files/112887/RDP_exploit.pdf http://packetstormsecurity.org/files/112887/RDP-Exploitation-Using-Cain.html Mon, 21 May 2012 10:33:22 GMT This paper demonstrates how to ARP poison a connection between Windows 7 and Windows 2008 R2 Server using Cain. http://packetstormsecurity.org/files/112886/Scanning22v3.pdf http://packetstormsecurity.org/files/112886/Scanning22v3.pdf http://packetstormsecurity.org/files/112886/Scanning-Tools.html Mon, 21 May 2012 10:11:11 GMT This whitepaper touches on various scanning tools and how to use them. It gives an overview of hping, scapy, unicornscan, nmap, and nessus. http://packetstormsecurity.org/files/112946/clubhack-magazine-may2012.pdf http://packetstormsecurity.org/files/112946/clubhack-magazine-may2012.pdf http://packetstormsecurity.org/files/112946/ClubHACK-Magazine-Issue-28.html Mon, 21 May 2012 09:22:22 GMT ClubHACK Magazine Issue 28 - Topics covered include Steganography over covert channels, Kautilya, HTTPS, and more. http://packetstormsecurity.org/files/112914/ICITST2012-cfp.txt http://packetstormsecurity.org/files/112914/ICITST2012-cfp.txt http://packetstormsecurity.org/files/112914/7th-ICITST-Call-For-Papers.html Sat, 19 May 2012 17:11:11 GMT The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012) Call For Papers has been announced. It will be held December 10th through the 12th, 2012, in London, United Kingdom. http://packetstormsecurity.org/files/112861/H2HC-CFP-2012.txt http://packetstormsecurity.org/files/112861/H2HC-CFP-2012.txt http://packetstormsecurity.org/files/112861/Hackers-2-Hackers-9-Call-For-Papers.html Fri, 18 May 2012 14:42:02 GMT The Hackers 2 Hackers Conference (H2HC) 9th edition call for papers has been announced. It is being held in Sao Paulo, Brazil from October 18th through the 23rd, 2012. http://packetstormsecurity.org/files/112852/xss-walkthrough.pdf http://packetstormsecurity.org/files/112852/xss-walkthrough.pdf http://packetstormsecurity.org/files/112852/Cross-Site-Scripting-Walkthrough.html Fri, 18 May 2012 14:23:24 GMT This is a whitepaper that gives a complete cross site scripting walkthrough. http://packetstormsecurity.org/files/112790/sect2012-cfp.txt http://packetstormsecurity.org/files/112790/sect2012-cfp.txt http://packetstormsecurity.org/files/112790/SEC-T-2012-Call-For-Papers.html Wed, 16 May 2012 23:19:19 GMT The SEC-T 2012 Call For Papers has been announced. It will be held from September 13th through the 14th in Stockholm, Sweden. http://packetstormsecurity.org/files/112650/hackersconf2012-cfp.txt http://packetstormsecurity.org/files/112650/hackersconf2012-cfp.txt http://packetstormsecurity.org/files/112650/The-Hackers-Conference-2012-Call-For-Papers.html Sat, 12 May 2012 13:13:44 GMT The Hackers Conference 2012 Call For Papers has been announced. It will take place in New Delhi, India on July 29th, 2012. http://packetstormsecurity.org/files/112627/T212-CFP.txt http://packetstormsecurity.org/files/112627/T212-CFP.txt http://packetstormsecurity.org/files/112627/t212-Call-For-Papers.html Fri, 11 May 2012 15:44:18 GMT The t2'12 Call For Papers has been announced. It will take place October 25th through the 26th, 2012 in Helsinki, Finland. http://packetstormsecurity.org/files/112600/breakpoint2012-cfp.txt http://packetstormsecurity.org/files/112600/breakpoint2012-cfp.txt http://packetstormsecurity.org/files/112600/Breakpoint-2012-Call-For-Papers.html Thu, 10 May 2012 15:31:47 GMT The Breakpoint 2012 Call For Papers has been announced. It will take place at the Intercontinental Rialto in Melbourne, Australia on October 17th through the 18th, 2012. Breakpoint is organized by the Ruxcon conference team and will offer a specialized and more professional security conference to complement and lead into the larger and more casual Ruxcon weekend conference. Breakpoint will cater towards security researchers and industry professionals alike, with a focus on cutting edge security research. http://packetstormsecurity.org/files/112588/Finding_LFI_and_RFI.pdf http://packetstormsecurity.org/files/112588/Finding_LFI_and_RFI.pdf http://packetstormsecurity.org/files/112588/Finding-RFI-And-LFI-Exploiting-And-Patching.html Tue, 08 May 2012 21:50:00 GMT This is a brief whitepaper that discusses finding remote and local file inclusion vulnerabilities and how to exploit and patch them. http://packetstormsecurity.org/files/112539/nullsec-pe-crypter.pdf http://packetstormsecurity.org/files/112539/nullsec-pe-crypter.pdf http://packetstormsecurity.org/files/112539/Hyperion-Implementation-Of-A-PE-Crypter.html Tue, 08 May 2012 16:11:11 GMT This paper reveals the theoretical aspects behind run-time crypters and describes a reference implementation for Portable Executables. http://packetstormsecurity.org/files/112482/iosapp-insecurity.pdf http://packetstormsecurity.org/files/112482/iosapp-insecurity.pdf http://packetstormsecurity.org/files/112482/iOS-Application-In-Security.html Sun, 06 May 2012 01:48:08 GMT This whitepaper details some of the vulnerabilities observed over the past year while performing regular security assessments of iPhone and iPad applications. MDSec documents some of the vulnerabilities identified as well as the methods to exploit them, and recommendations that developers can adopt to protect their iOS applications. It covers not only the security features of the platform, but provides in depth information on how to perform both black box and white box iOS penetration tests, along with suggested methodologies and compliance. http://packetstormsecurity.org/files/112394/malware_analysis1.pdf http://packetstormsecurity.org/files/112394/malware_analysis1.pdf http://packetstormsecurity.org/files/112394/Reverse-Engineering-Malware-Part-1.html Wed, 02 May 2012 02:02:29 GMT Whitepaper called Reverse Engineering Malware Part 1. http://packetstormsecurity.org/files/112361/spsn2012-cfp.txt http://packetstormsecurity.org/files/112361/spsn2012-cfp.txt http://packetstormsecurity.org/files/112361/3rd-Workshop-On-Security-And-Privacy-In-Social-Networks-Call-For-Papers.html Wed, 02 May 2012 01:10:56 GMT The Call For Papers for the Third International Workshop on Security and Privacy in Social Networks 2012 (SPSN-2012) in conjunction with IEEE SocialCom has been announced. It will take place in Amsterdam, The Netherlands, September 3rd through the 6th, 2012. http://packetstormsecurity.org/files/112392/paspas-assembleur.pdf http://packetstormsecurity.org/files/112392/paspas-assembleur.pdf http://packetstormsecurity.org/files/112392/Pas-A-Pas-Vers-LAssembleur.html Tue, 01 May 2012 11:11:11 GMT Pas A Pass Vers L'Assembleur is a whitepaper that discusses the basics of writing and working with assembler. Written in French. http://packetstormsecurity.org/files/112316/Actuality_of_SMBRelay_in_Modern_Windows_Networks.pdf http://packetstormsecurity.org/files/112316/Actuality_of_SMBRelay_in_Modern_Windows_Networks.pdf http://packetstormsecurity.org/files/112316/Actuality-Of-SMBRelay-In-Modern-Windows-Networks.html Sat, 28 Apr 2012 18:22:22 GMT Whitepaper called Actuality of SMBRelay in Modern Windows Networks. http://packetstormsecurity.org/files/112212/toorcamp2012-cfp.txt http://packetstormsecurity.org/files/112212/toorcamp2012-cfp.txt http://packetstormsecurity.org/files/112212/ToorCamp-2012-Call-For-Participation.html Thu, 26 Apr 2012 22:12:23 GMT ToorCamp is a five-day open-air event for hackers, makers, breakers, and shakers. ToorCamp is where you get together with the rest of the best in a relaxing, beautiful atmosphere, and exchange ideas with the brightest technology experts from around the world. The camp has everything you need: power, internet, food and fun. Bring your tent, bring a friend ? and get ready to reunite and reignite with really smart people, just like you. It will take place at the Hobuck Beach Resort in Neah Bay, Washington August 8th through the 12th, 2012. http://packetstormsecurity.org/files/112162/draft-gont-opsec-ipv6-implications-on-ipv4-nets-00.txt http://packetstormsecurity.org/files/112162/draft-gont-opsec-ipv6-implications-on-ipv4-nets-00.txt http://packetstormsecurity.org/files/112162/Security-Implicaitons-Of-IPv6-On-IPv4-Networks.html Tue, 24 Apr 2012 20:22:22 GMT This document discusses the security implications of native IPv6 support and IPv6 transition/co-existence technologies on "IPv4-only" networks, and describes possible mitigations for the aforementioned issues.