jetlib.sec » Tags » trusted

Feeds

258885 items (0 unread) in 27 feeds

• 0day.today (was: 1337day, Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

7 items tagged "trusted"

Related tags: computing [+], black hat [+], windows security [+], david blight [+], windows service [+], windows [+], usa [+], tpm [+], technology protection [+], technology [+], slides [+], service [+], security [+], revolution [+], persistent storage [+], paper [+], hacks [+], hack on [+], exploits [+], execution technology [+], execution [+], escalation [+], emulator system [+], emulator [+], crytography [+], cryptography [+], christopher tarnovsky [+], buffer overflow vulnerability [+], bruce potter [+], authors [+], android [+]

• October 03, 2012
• 17:00

  Intel Trusted Execution Technology SINIT ACMs Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  This allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors.

  Tags:  technology trusted execution buffer-overflow-vulnerability execution-technology technology-protection  

• August 15, 2012
• 14:00

  [local exploits] - Windows Service Trusted Path Privilege Escalation

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [local exploits] - Windows Service Trusted Path Privilege Escalation

  Tags:  trusted service windows windows-service escalation exploits  

• May 12, 2012
• 10:57

  Android Emulator, Trusted CA, and Persistent Storage

   » ‎ Carnal0wnage
  UPDATE - An easier way to do this can be found on our update post here
  
  Android periodically updates it's SDK and somtimes when this happens, old methods for importing a Trusted CA, necessary to proxy SSL traffic, will fail and you must find a new solution. Technically speaking, it's not necessarily the import that is the problem, it's saving those changes between restarts of the emulator. If you've worked with the emulator you'll note that after importing a Trusted CA such as BurpSuite's certificate, the changes only take effect once you've rebooted the emulator. In other words, you actually have to restart the emulator, and without these steps, you'll lose your updated Trusted CA list.
  
  Using Android SDK 19, the solution was to move a temporary file and rename it. Let's begin:
  
  After creating your Android Virtual Device (AVD) named "test"....
  
  Step 1 - Run the emulator
  
  
  
  
  
  Step 2 - While running, pull the cacerts.bks file
  
  
  
  
  
  
  Step 3 - Get the keytool
  
  
  
  
  
  
  Step 4 - Import the PortSwigger SSL Certificate into the cacerts.bks file w/ keytool
  NOTE: Exporting PortSwigger SSL Certificate instructions here - http://carnal0wnage.attackresearch.com/2010/11/iphone-burp.html
  
  
  
  
  Step 5 - Remount the emulator /system folder with read-write permissions
  
  
  
  
  
  Step 6 - Push the cacerts.bks file up onto the emulator
  
  
  
  
  
  Step 7 - Move the tmp file to your local avd directory and rename it to system.img
  
  
  
  
  
  Step 8 - Restart, rm cacerts.bks, pull down the copy from emulator, ensure certificate still exists in cacerts.bks file
  
  
  
  
  
  
  The reason this data persisted was because we moved the temporary copy (emultor-<random string>) from /tmp/android-<myname>/ and renamed it to system.img. Lastly, we placed the image file in the ~/.android/avd/test.avd/ directory.
  
  hack on,
  
  cktricky
  
  

  Tags:  trusted emulator android emulator-system hack-on persistent-storage  

• January 09, 2012
• 21:35

  [Slides] The Trusted Computing Revolution

   » ‎ SecDocs
  Authors: Bruce Potter
  Tags: trusted computing
  Event: Black Hat USA 2006
  

  Tags:  trusted computing revolution bruce-potter usa black-hat slides  

• December 15, 2011
• 11:22

  [Paper] Trusted Computing 101

   » ‎ SecDocs
  Authors: David Blight
  Tags: trusted computing
  Event: Black Hat Windows Security 2004
  

  Tags:  trusted computing paper david-blight black-hat windows-security  

• 11:21

  [Slides] Trusted Computing 101

   » ‎ SecDocs
  Authors: David Blight
  Tags: trusted computing
  Event: Black Hat Windows Security 2004
  

  Tags:  trusted computing authors david-blight black-hat windows-security  

• February 09, 2010
• 10:25

  TPM crytography cracked

   » ‎ Hack a Day
  Trusted Platform Module based cryptography protects your secrets as well as your government’s secrets.  Well, it used to. [Christopher Tarnovsky] figured out how to defeat the hardware by spying on its communications. This requires physical access so it’s not quite as bad as it sounds, but this does reach beyond TPM to many of the [...]

  Tags:  trusted crytography tpm christopher-tarnovsky cryptography security hacks