«
Expand/Collapse
25 items tagged "aurora"
Related tags:
webopac [+],
sql injection [+],
sql [+],
injection [+],
malware [+],
hacks [+],
google [+],
code [+],
whitepaper [+],
vulnerable [+],
video [+],
veil [+],
tags [+],
security [+],
read [+],
pdf [+],
oracle 11g [+],
oracle [+],
ms10 [+],
module [+],
memory corruption [+],
manky [+],
krakow [+],
jesse burns [+],
internet [+],
high profile companies [+],
hackingaurora [+],
flaw [+],
derek manky [+],
darknet [+],
china [+],
burns [+],
authors [+],
xxx [+],
vulnerability [+],
vietnamese government [+],
vietnamese [+],
using open source tools [+],
usa [+],
unix servers [+],
toy [+],
tale [+],
solar [+],
sensor board [+],
sensor [+],
security advisory [+],
secunia [+],
rc planes [+],
radio controller [+],
pvc [+],
public address [+],
pinpoint [+],
persistent [+],
operation [+],
open source tools [+],
nss [+],
niket [+],
night dragon [+],
nicolas waisman [+],
network [+],
mr. phatak [+],
months [+],
mister x [+],
magnetometer [+],
magnetic storms [+],
lot [+],
legal [+],
knew [+],
khosla [+],
intrusion prevention [+],
intranet address [+],
internet explorer 8 [+],
hackers [+],
government [+],
four months [+],
four [+],
fortune 500 company [+],
financial times [+],
exploitation [+],
english [+],
dollar store [+],
document viewers [+],
diy [+],
diederich [+],
denies [+],
circulated [+],
chief security architect [+],
certain [+],
boston [+],
board [+],
author [+],
aurora exploit [+],
aurora borealis [+],
audio [+],
attack [+],
alex [+],
aleatory [+],
advisory [+],
address [+],
abu dhabi [+],
Pentesting [+],
Issues [+],
ExploitsVulnerabilities [+]
-
-
19:39
»
Packet Storm Security Advisories
Aurora WebOPAC suffers from a remote SQL injection vulnerability. Versions affected include 3.5.0e, 3.4.6a, 3.5.3, 3.5.0i, 3.4.7b, 3.5.2.2, 3.4.7b, and possibly others.
-
19:39
»
Packet Storm Security Recent Files
Aurora WebOPAC suffers from a remote SQL injection vulnerability. Versions affected include 3.5.0e, 3.4.6a, 3.5.3, 3.5.0i, 3.4.7b, 3.5.2.2, 3.4.7b, and possibly others.
-
19:39
»
Packet Storm Security Misc. Files
Aurora WebOPAC suffers from a remote SQL injection vulnerability. Versions affected include 3.5.0e, 3.4.6a, 3.5.3, 3.5.0i, 3.4.7b, 3.5.2.2, 3.4.7b, and possibly others.
-
-
23:37
»
Packet Storm Security Advisories
Secunia Security Advisory - Niket Khosla has reported a vulnerability in Aurora WebOPAC, which can be exploited by malicious people to conduct SQL injection attacks.
-
-
21:41
»
SecDocs
Authors:
Christiaan Beek Tags:
malware intelligence malware analysis Event:
Black Hat Abu Dhabi 2011 Abstract: Over years the use of malware has dramatically changed. Ranging from programmers exploring the malicious possibilities of their programming code, copycats trying to combine code snippets, to organized crime and governments using custom made malware for their purposes. Where financial gratification is the main drive for cybercrime, it seems that the hunger for secrets and intellectual property is taking over. Some examples of cases are: Operation Aurora, Night-Dragon and recently Shady-RAT. These are examples of investigations that started with the detection of unknown customized malware, hiding on corporate networks and ended in large investigations regarding Data Loss. So how is it possible that this malware was undetected? How can you detect hidden malware on your network using open-source tools, what patterns to look for? What countermeasures can you take? How to build a layered malware defense to keep unknown malware out of your network. In my talk I will give some demo's how you can use Wireshark to investigate networkdata for traces of malware, how to filter for suspicious connections.
-
-
9:53
»
Hack a Day
In the hopes of getting a heads up on when the aurora borealis will be visible from his back yard, [Alex] built a magnetometer to measure disruptions in Earth’s magnetic field. The build is extremely simple, too. It’s amazing what you can build with a few components and a trip to the dollar store. The design or [...]
-
-
13:12
»
SecDocs
Authors:
Nicolas Waisman Tags:
exploiting Event:
Black Hat USA 2010 Abstract: Over the years, exploitation objectives have changed alongside the associated efforts by vendors to protect their software. Exploitation has moved from remote exploits on Unix servers to the community focusing on client-side targets, such as document viewers and browsers. Some prime examples of these are the Aurora and IE peers zero-days actively exploited in the wild. These bugs answer many questions related to what the new breed of attacker is focusing on, yet all hype aside the real lesson is: botnet authors are learning how to fuzz for these vulnerabilities but are not able to write reliable exploits to accompany them. With that premise in mind, this presentation intends to explore the techniques used to exploit the "use-after-free" bug class on Internet Explorer 8, diving into the API internals, reviewing the art of heap crafting and presenting new techniques to improve it.
-
-
13:22
»
Hack a Day
Along with hobby electronics, flying RC planes is one of [Diederich’s] favorite hobbies. When out in the field, he prefers to use an Aurora 9 radio controller, and while the remote is great, he was a bit disappointed in Hitec’s telemetry sensor lineup. He says that the sensors are pretty decent, though limited, and he [...]
-
-
21:25
»
SecDocs
-
-
21:25
»
SecDocs
-
-
21:02
»
SecDocs
-
21:02
»
SecDocs
-
-
0:54
»
SecDocs
Authors:
Vikram Phatak Tags:
antivirus vulnerability IDS Event:
Source Conference Boston 2010 Abstract: What you don’t know can hurt you. NSS Labs will share research findings from our analysis of the attack and potential variants, along with a breakdown of security vendor approaches to protecting against these types of threats. Includes discussion of what security vendors are not covering that could prevent the next big attack. Vikram Phatak is CTO and leads the research team at NSS Labs. Mr. Phatak has over 15 years of experience in computer, network, and information security. Prior to joining NSS Labs, Mr. Phatak was CTO of Trustwave, founded and was CTO for an intrusion prevention product company, was chief security architect for a Fortune 500 company, and started one of the first Internet service providers in 1994.
-
-
16:00
»
Packet Storm Security Recent Files
This Metasploit module exploits a memory corruption flaw in Internet Explorer. This flaw was found in the wild and was a key component of the Operation Aurora attacks that lead to the compromise of a number of high profile companies. The exploit code is a direct port of the public sample published to the Wepawet malware analysis site. The technique used by this module is currently identical to the public sample, as such, only Internet Explorer 6 can be reliably exploited.
-
16:00
»
Packet Storm Security Exploits
This Metasploit module exploits a memory corruption flaw in Internet Explorer. This flaw was found in the wild and was a key component of the Operation Aurora attacks that lead to the compromise of a number of high profile companies. The exploit code is a direct port of the public sample published to the Wepawet malware analysis site. The technique used by this module is currently identical to the public sample, as such, only Internet Explorer 6 can be reliably exploited.
-
-
4:52
»
remote-exploit & backtrack
hi guys,
I have tried to use windows/browser/ie_aurora.
My internet connection is by a router, so my public IP address is different from the local one.
So when I use ie_aurora it works fine if I use 192.168.1.104 (local intranet address) but if I use my public address like 82.34.XXX.XXX as SRVHOST and LHOST:
msf exploit(ie_aurora) >
[-] Handler failed to bind to 82.34.XXX.XXX:4444
[-] Handler failed to bind to 0.0.0.0:4444
[-] Exploit failed: The address is already in use (0.0.0.0:4444).[*] Server stopped.
do you know how I can start the server if I am under a router????
Thanks,
Mister|x
0day.today (was: 1337day, Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution