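Welcome, friends from the information security community! Site defacers and drive-by malware planters, keep out! Basic theoretical research only. Discussion of IDS, IPS, buffer overflow, kernel programming, and sniffers; knowledge sharing!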
Introducing several fuzzers from abroad
Author: friddy Date: 2009-02-03
Gfuzz
Gfuzz is a web application fuzzing environment which combines fine-grained taint analysis on the server side (using CORE Grasp) with grammar-based analysis. This makes it possible to perform fuzzing tests and accurately detect attacks by feeding the grammar analyzer with the executed SQL queries (on the server side) together with security taint marks for each query.
Command execution with a MySQL UDF
Author: friddy Date: 2009-02-03
Modern database management systems are powerful applications: they provide several instruments to interact with the underlying operating system.
On MySQL it is possible to create a User-Defined Function to execute commands on the underlying operating system. Marco Ivaldi demonstrated that some years ago. His raptor_udf2.c works well, but it has two limitations:
It is not MySQL 5.0+ compliant because it does not follow the new guidelines to create a proper UDF.
The Perfect World (完美时空) website has a vulnerability
Author: friddy Date: 2009-01-26
Microsoft's first patch of 2009
Author: friddy Date: 2009-01-14
http://www.microsoft.com/technet/security/Bulletin/MS09-001.mspx
SMB Buffer Overflow Remote Code Execution Vulnerability - CVE-2008-4834
An unauthenticated remote code execution vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB packets. An attempt to exploit the vulnerability would not require authentication, allowing an attacker to exploit the vulnerability by sending a specially crafted network message to a computer running the Server service. An attacker who successfully exploited this vulnerability could take complete control of the system. Most attempts to exploit this vulnerability would result in a system denial of service condition, however remote code execution is theoretically possible.