Shamless plug alert!
Hacking Exposed Web Applications 3rd. Edition is out! and I'm a contributing author! Check it out!
http://www.amazon.com/HACKING-EXPOSED-WEB-APPLICATIONS-3/dp/0071740643/ref=sr_1_1?ie=UTF8&qid=1288459138&sr=8-1
Saturday, October 30, 2010
Wednesday, October 20, 2010
MS10-070 ASP.NET Auto-Decryptor File Download PoC exploit
This is another exploit part of the MS10-070 saga :)
It is not the same as our other previously released exploit, this one uses another information leak. On average, this exploit should allow you to do the same as the previous one but faster (which is important/desirable in this scenario).
You can find it here:
http://www.ampliasecurity.com/research/aspx_ad_chotext_attack.rb
It is not the same as our other previously released exploit, this one uses another information leak. On average, this exploit should allow you to do the same as the previous one but faster (which is important/desirable in this scenario).
You can find it here:
http://www.ampliasecurity.com/research/aspx_ad_chotext_attack.rb
Thursday, October 14, 2010
MS10-070 ASP.NET Padding Oracle attack PoC exploit video
Yesterday, Agustin Azubel from Amplia Security released a proof-of-concept exploit implementing a Padding Oracle attack against ASP.NET (MS10-070) that allows an attacker to download a file from the remote web server.
Today we released a video showing how the PoC exploit works.
You can find it here:
http://vimeo.com/15856549
and also, here:
http://www.youtube.com/ampliasecurity#p/u/0/2jvmT5lmIIM
If you don't feel like installing IIS/ASP.NET and creating a sample application or don't have an already vulnerable ASP.NET application to test the PoC exploit on, the video will give you an idea on how the exploit works.
Today we released a video showing how the PoC exploit works.
You can find it here:
http://vimeo.com/15856549
and also, here:
http://www.youtube.com/ampliasecurity#p/u/0/2jvmT5lmIIM
If you don't feel like installing IIS/ASP.NET and creating a sample application or don't have an already vulnerable ASP.NET application to test the PoC exploit on, the video will give you an idea on how the exploit works.
Wednesday, October 13, 2010
MS10-070 ASP.NET Padding Oracle Attack to download web.config or other files
You can find it here:
http://www.ampliasecurity.com/research/aspx_po_chotext_attack.rb
A proof-of-concept attack against MS10-070, this PoC is an implementation in Ruby of a Padding Oracle attack and allows you to download the 'Web.config' file or any other file from a vulnerable ASP.NET installation.
It was written by Agustin Azubel (aazubel [ at ] ampliasecurity.com).
http://www.ampliasecurity.com/research/aspx_po_chotext_attack.rb
A proof-of-concept attack against MS10-070, this PoC is an implementation in Ruby of a Padding Oracle attack and allows you to download the 'Web.config' file or any other file from a vulnerable ASP.NET installation.
It was written by Agustin Azubel (aazubel [ at ] ampliasecurity.com).
Friday, October 08, 2010
Windows Credentials Editor v1.0 (WCE)
I just released a new tool called Windows Credentials Editor 1.0 (WCE)
It allows to perform pass-the-hash and other things related to windows logon sessions and supports XP,2003,7,2008 and Vista.
You can find it here:
http://www.ampliasecurity.com/research/wce_v1.0.tgz
Have fun!
It allows to perform pass-the-hash and other things related to windows logon sessions and supports XP,2003,7,2008 and Vista.
You can find it here:
http://www.ampliasecurity.com/research/wce_v1.0.tgz
Have fun!
Subscribe to:
Posts (Atom)