|
|
|
Deceptive Honeypots
|
|
Hits: 0 |
|
Date added: 07/30/2005 |
|
This is preliminary research into the effectiveness of deceptive defensive measures in particular honeypots that use deceit as a primary defensive and offensive mechanism. Initial research has been conducted using the Deception Tool Kit and its ability to fool commonly available network scanning tools such as Nessus and Nmap The preliminary research indicates that these deceptive tools have a place in modern network defence architecture. |
|
|
|
|
|
Google Hacks 2nd Edition
|
|
Hits: 0 |
|
Date added: 09/29/2005 |
|
|
|
|
|
|
|
|
I Know Something You Don%60t Know (Email Secrets)
|
|
Hits: 0 |
|
Date added: 07/30/2005 |
|
This paper provides an overview about an unchecked feature of the SMTP protocol, called 'Message-ID:'; unfortunately, this little feature may be required, thus making its removal difficult. Exploits may include: text-based steganography (I currently have a proof-of-concept process, although kludgy, *does* work) to hidden activation or deactivation codes of malicious or hidden code within aany MIME-encapsulated header. |
|
|
|
|
|
|
Discovering Passwords in the Memory
|
|
Hits: 0 |
|
Date added: 07/30/2005 |
|
Escalation of privileges is a common method of attack where a low privileged user exploits a vulnerability to become an administrator or a higher privileged user. Privilege escalation may be achieved through cracking of administrative passwords, local buffer overflows and stealing of passwords. This paper discusses a common vulnerability that could be exploited by low privileged users to steal critical passwords and escalate their privileges. |
|
|
|
