Wednesday, March 28, 2007

Metasploit Framework 3.0

The Metasploit Project has released Metasploit Framework 3.0. The Metasploit Framework is a development platform for creating security tools and exploits. Version 3.0 contains 177 exploits, 104 payloads, 17 encoders, and 3 nop modules. Additionally, 30 auxiliary modules are included that perform a wide range of tasks, including host discovery, protocol fuzzing, and denial of service testing. Metasploit organizers describe the framework as suited for use by IT administrators carrying out pen testing and patch installation verification, and product makers testing the security limitations of their technologies, along with its core audience of researchers.
You can download here:
http://framework-mirrors.metasploit.com/msf/download.html

This is an interview with HD Moore, the founder of Metasploit, about his Metasploit projects:
http://www.securityfocus.com/columnists/439

Sunday, March 18, 2007

An interview with Joanna Rutkowska

This is an interview with Joanna Rutkowska, who hacked the Windows Vista kernel:
http://www.darkreading.com/document.asp?doc_id=119576&f_src=darkreading_default

Last year, I attended her presentation, Subverting Vista Kernel For Fun and Profit, at HITBSecConf2006. She showed how to bypass the Windows Vista kernel using the BluePills tool. She is one of the researchers who found a vulnerability in Vista. You can refer here to get the slides from her Vista presentation at HITBSecConf2006. You can also refer to her blog for her latest research:
http://theinvisiblethings.blogspot.com/

Analysis of Remote File Inclusion Attempts

This is an analysis from the SANS diary of remote file inclusion attempts:
http://isc.sans.org/diary.html?storyid=2462

Remote file inclusion is one of the latest and most popular techniques attackers use to attack a website from a remote computer. If your server runs web applications that are vulnerable to remote file inclusion, it is very easy for an attacker to take over your server remotely.

PHP applications are among those most frequently vulnerable to remote file inclusion. The reasons for this PHP issue are:
  • Insufficient validation of user input prior to dynamic file system calls, such as require or include or fopen()
  • allow_url_fopen and PHP wrappers allow this behavior by default, which is unnecessary for most applications
  • Poor permissions and planning by many hosters allowing excessive default privileges and wide ranging access to what should be off limits areas.
If you want to find more information about PHP remote code execution, you can refer to this:
http://www.owasp.org/index.php/PHP_Top_5#P1:_Remote_Code_Execution
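
As an added example (not from the SANS diary or this blog's own material), the Python sketch below flags access-log requests whose query parameters carry a URL or the php:// wrapper, which is the input that reaches include, require or fopen() when it is not validated. The log lines, host names and function names are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# URL schemes (plus the php:// wrapper) that let PHP's include/require/fopen()
# read a non-local stream when allow_url_fopen and wrappers are enabled.
REMOTE_SCHEMES = ("http://", "https://", "ftp://", "php://")

# Minimal matcher for the request part of a combined-format access log line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Constructed sample log lines (documentation IP ranges, .invalid host names).
SAMPLE_LOG = [
    '192.0.2.10 - - [18/Mar/2007:10:01:02 +0000] "GET /index.php?page=http://files.example.invalid/inc.txt? HTTP/1.1" 200 512',
    '192.0.2.10 - - [18/Mar/2007:10:01:05 +0000] "GET /view.php?id=7&file=http%3A%2F%2Ffiles.example.invalid%2Fa.txt HTTP/1.1" 200 734',
    '203.0.113.5 - - [18/Mar/2007:10:02:11 +0000] "GET /main.php?inc=hTTp%253A%252F%252Fhost.example.invalid%252Fx HTTP/1.0" 404 209',
    '198.51.100.7 - - [18/Mar/2007:10:03:40 +0000] "GET /index.php?page=about HTTP/1.1" 200 1833',
    '198.51.100.7 - - [18/Mar/2007:10:03:44 +0000] "GET /search.php?q=how+to+use+http://+urls HTTP/1.1" 200 2210',
]

def decode_fully(value, rounds=3):
    """Percent-decode repeatedly so double-encoded values are also caught."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_rfi_attempts(lines):
    """Return (ip, path, parameter, value, status) for each suspicious parameter."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line we can parse
        parts = urlsplit(m.group("target"))
        for name, raw in parse_qsl(parts.query, keep_blank_values=True):
            # parse_qsl decodes once; decode again and normalise case.
            value = decode_fully(raw).strip().lower()
            if value.startswith(REMOTE_SCHEMES):
                hits.append((m.group("ip"), parts.path, name, value, int(m.group("status"))))
    return hits

if __name__ == "__main__":
    for hit in find_rfi_attempts(SAMPLE_LOG):
        print(hit)
```

A hit only marks a request for review: applications that legitimately accept URLs in parameters will match too, and the status code alone does not show whether the include succeeded.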

Friday, March 09, 2007

TOR: Anonymity Online

Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.
You can visit this website to learn more about TOR or download it:
http://tor.eff.org/

Or you can follow this website if you want to learn about installing and configuring TOR:
http://www.irongeek.com/i.php?page=videos/tor-1

Friday, March 02, 2007

Deformed TCP Options - Got Packets?

I got this article from SANS. It is about TCP packet analysis. The analysis said that the scan may be to probe firewall configuration, but it seems the level of crafting involved would be overkill. I'm still new to packet analysis. I think I should improve my knowledge about TCP packet attacks.
http://isc.sans.org/diary.html?storyid=2328