Tuesday, March 16th, 2010
Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/advisory/981374.mspx
Two Fix it solutions are available:
Fix it solution for peer factory in iepeers.dll - We have created an application compatibility ...
Posted in Internet, Security, Windows | No Comments
Tuesday, March 2nd, 2010
Microsoft is investigating new public reports of a vulnerability in VBScript that is exposed on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003 through the use of Internet Explorer. Our investigation has shown that the vulnerability cannot be exploited on Windows 7, Windows Server 2008 R2, ...
Posted in Internet, Security, Windows | No Comments
Saturday, January 30th, 2010
This is just a quick example of how you can quickly and easily modify the HOSTS file on a compromised Windows system using the meterpreter script called hostsedit. As always, we start off with a basic exploit to gain a meterpreter session back from the victim's machine:
msf > use windows/smb/ms08_067_netapi
msf ...
Posted in Internet, Privacy, Security, Windows | 1 Comment
Saturday, January 30th, 2010
Here's a quick example of grabbing a screenshot of a compromised system using meterpreter's espia module. Start with a basic exploit to gain a meterpreter session. You'll need to make sure you migrate to a process that has access to Active Desktop or else you will get nothing but blank ...
Posted in Internet, Networking, Privacy, Security | 1 Comment
Saturday, January 30th, 2010
I just wanted to show a quick example of using Incognito to impersonate user tokens on a compromised system. You can think of tokens as a web "cookie" which is just an object that holds your security information for the entire login process so that you don't have to re-authenticate ...
Posted in Internet, Networking, Privacy, Security, Windows | 2 Comments
