Showing posts with label Perl.

Thursday, 15 March 2012

Updates to Insecurety Research - PHP Command Injection!

So, we have written an article about PHP Command Injection (it applies to other platforms too, we just covered PHP).

Read it here! PHP Command Injection - Insecurety Research

More to come...

~Insecurety Research Team.

Wednesday, 7 March 2012

[Article] Reverse shells...

Ok. So I wrote a short article yesterday showing off a few reverse shell tricks and demoing them on a vulnerable web app using a Command Injection vulnerability.

Some people were asking "why it so basic?" and here is why: The idea of the article is not to provide script kids/blackhats with new info - it is well known - but to demonstrate how one can go from a small PHP bug to a full-blown reverse shell.

I will be working up SNORT IDS Signatures for them all based on how they throw a shell back, just have to get some nice .pcaps of it first. I plan to also find a way to "signature" the IDS evading shellcode I wrote - and so kind of have an "arms race" with myself...

Article on Insecurety.net

Tuesday, 21 February 2012

Web Malware Collection - more Updates!

So, I have been grepping and searching through logs and Google searches, hunting for malware to add. And oh lord, I am finding a LOT!

Lately I started hunting through pastebin for "more malware" and such, and am slowly amassing a fairly epic amount to sort. Also have to handle submissions, Honeypot logs, etc.

So, check out the project page! Web Malware Collection

Thursday, 16 February 2012

Web Malware Collection Updated

Ok, quick post. The Web Malware Collection has had some updates done, and I am *Still* busy sorting samples to commit.

Currently it has 443 samples (according to this "find . -type f | wc -l" command)

Project Page: http://insecurety.net/projects/web-malware/
GoogleCode: http://code.google.com/p/web-malware-collection/

SVN repo is on googlecode so SVN up :D

Friday, 13 January 2012

MITM w/ ARP Toxin and Driftnet - Video + Tool

Quick intro video about using ARP Toxin to perform MITM attacks, with extra fun involvin' using Driftnet to sniff images sent across the network.



Code is here -- Sauce Code

Bug reports and suggestions welcome!
Video made for CampusCon :D

Tuesday, 3 January 2012

Quick Post - package of Perl shells

Ok, very short post. 4 Perl shells/backdoors, 3 are reverse shells and one is a bind shell. Seems to me everyone uses the same trick to get a reverse shell :/

Anyways, more to come later! Download link below!

Perl Shells Tarball