<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type="text/xsl" media="screen" href="/~d/styles/rss2full.xsl"?><?xml-stylesheet type="text/css" media="screen" href="http://feeds.feedburner.com/~d/styles/itemcontent.css"?><rss xmlns:atom="http://www.w3.org/2005/Atom" version="2.0"><channel><title>High-Tech Bridge Publications</title><link>https://www.htbridge.com/publications/</link><description><![CDATA[High-Tech Bridge SA - Information Security and Ethical Hacking Publications]]></description><language>en</language><pubDate>Thu, 23 May 2013 03:44:04 +0200</pubDate><lastBuildDate>Thu, 23 May 2013 03:44:04 +0200</lastBuildDate><generator>HTBridge RSS Generator 0.95</generator><ttl>60</ttl><image><url>https://www.htbridge.com/images/high_tech_bridge_logo2.gif</url><link>https://www.htbridge.com</link><title>High-Tech Bridge SA, Switzerland - Ethical Hacking &amp; Penetration Testing:</title></image><atom10:link xmlns:atom10="http://www.w3.org/2005/Atom" rel="self" type="application/rss+xml" href="http://feeds.feedburner.com/high-tech_bridge_publications" /><feedburner:info xmlns:feedburner="http://rssnamespace.org/feedburner/ext/1.0" uri="high-tech_bridge_publications" /><atom10:link xmlns:atom10="http://www.w3.org/2005/Atom" rel="hub" href="http://pubsubhubbub.appspot.com/" /><item><title>Fuzzing: An introduction to Sulley Framework</title><link>https://www.htbridge.com/publications/fuzzing_an_introduction_to_sulley_framework.html</link><description>Fuzzing is the art of knowing how to put heavy pressure on software in order to find security vulnerabilities. Fuzzing frameworks have been around for many years. Some of them have made a difference and been adopted by well-known computer security researchers. This paper is an introduction to the fascinating world of fuzzing by exploring the awesome Sulley Fuzzing Framework. 
We also intend to demonstrate how quick and easy it could be to find security breaches and weaknesses in today's software.</description><guid isPermaLink="true">https://www.htbridge.com/publications/fuzzing_an_introduction_to_sulley_framework.html</guid><category><![CDATA[infosec]]></category><pubDate>Mon, 06 May 2013 16:26:17 +0200</pubDate></item><item><title>CVE-2013-0804: Novell GroupWise Untrusted Pointer Dereference Exploitation </title><link>https://www.htbridge.com/publications/novell_groupwise_untrusted_pointer_dereference_exploitation.html</link><description>In November 2012 High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Novell GroupWise 2012. Details of the vulnerabilities were disclosed in April 2013. This paper demonstrates vulnerability exploitation to execute arbitrary code on the vulnerable system. </description><guid isPermaLink="true">https://www.htbridge.com/publications/novell_groupwise_untrusted_pointer_dereference_exploitation.html</guid><category><![CDATA[infosec]]></category><pubDate>Wed, 03 Apr 2013 12:16:17 +0200</pubDate></item><item><title>Manipulating Memory for Fun &amp; Profit </title><link>https://www.htbridge.com/publications/manipulating_memory_for_fun_and_profit.html</link><description>Memory analysis and manipulation can provide security analysts with formidable weapons. During his talk at Information Security Day for ISACA Luxembourg Chapter, Frédéric BOURLA presented most memory manipulation tricks from both offensive and defensive angles. The talk first dealt with the attacker’s layer, from pivoting attacks to IEEE1394 issues through In-Memory Fuzzing, which permits auditors to bypass built-in features, network limitations and encryption to remain able to uncover security vulnerabilities in a running application. 
In a second stage, the talk focused on the benefits of memory manipulation in Computer Forensics and Malware Analysis fields, especially when facing sophisticated malcode, such as kernel rootkits or heavily encrypted reverse Trojans. Basically, this talk aimed to open the doors to a fascinating world which could easily allow security analysts to save lots of time during their recurrent duties.</description><guid isPermaLink="true">https://www.htbridge.com/publications/manipulating_memory_for_fun_and_profit.html</guid><category><![CDATA[infosec]]></category><pubDate>Wed, 06 Feb 2013 21:34:21 +0100</pubDate></item><item><title>In-Memory Fuzzing with Java</title><link>https://www.htbridge.com/publications/in_memory_fuzzing_with_java.html</link><description>Nowadays, a wide range of techniques can be used to find vulnerabilities and bugs in binary applications. The aim of this paper is to introduce the main concepts of In-Memory Fuzzing, to summarize its advantages and drawbacks and to present the debugging library which is currently being developed by High-Tech Bridge to help build in-memory fuzzers.</description><guid isPermaLink="true">https://www.htbridge.com/publications/in_memory_fuzzing_with_java.html</guid><category><![CDATA[infosec]]></category><pubDate>Mon, 17 Dec 2012 14:50:00 +0100</pubDate></item><item><title>CVE-2012-1535: Adobe Flash Player Integer Overflow Vulnerability Analysis</title><link>https://www.htbridge.com/publications/cve_2012_1535_adobe_flash_player_integer_overflow_vulnerability_analysis.html</link><description>Vulnerabilities in Adobe Flash Player have been widely used by cyber criminals since 2006 to penetrate remote systems. During the month of August 2012 a widespread 0day was used to perform attacks by using Microsoft Word documents as the principal attack vector. 
This security publication explains the particulars of the CVE-2012-1535 security vulnerability in detail.</description><guid isPermaLink="true">https://www.htbridge.com/publications/cve_2012_1535_adobe_flash_player_integer_overflow_vulnerability_analysis.html</guid><category><![CDATA[infosec]]></category><pubDate>Thu, 11 Oct 2012 19:00:00 +0200</pubDate></item><item><title>The Growing Hacking Threat to Websites: An Ongoing Commitment to Web Application Security</title><link>https://www.htbridge.com/publications/the_growing_hacking_threat_to_websites_an_ongoing_commitment_to_web_application_security.html</link><description>The World Wide Web is the growth engine of our decade. Because the Web has the power to make everything available to anyone, anytime, wherever they are, through whichever device, even century-old businesses are adopting Web-centric business models. Government information systems are also becoming Web-centric because they, too, realise that technology allows them to meet and exceed the expectations of citizens with lower budgets. In essence, Web applications have become vital to almost any organisation, but these applications can be dangerously weak links in the network security perimeter.</description><guid isPermaLink="true">https://www.htbridge.com/publications/the_growing_hacking_threat_to_websites_an_ongoing_commitment_to_web_application_security.html</guid><category><![CDATA[infosec]]></category><pubDate>Wed, 05 Sep 2012 11:58:00 +0200</pubDate></item><item><title>How to use PyDbg as a powerful multitasking debugger</title><link>https://www.htbridge.com/publications/how_to_use_pydbg_as_a_powerful_multitasking_debugger.html</link><description>Since its introduction in 2006, PyDbg has become an essential tool for security researchers and reverse engineers. It is mainly used to discover various software vulnerabilities and weaknesses, as well as to analyze malware and perform computer forensics. 
This publication aims to provide the reader with an introduction to the Python-based debugger and to deliver practical, real examples of this powerful security tool in use.</description><guid isPermaLink="true">https://www.htbridge.com/publications/how_to_use_pydbg_as_a_powerful_multitasking_debugger.html</guid><category><![CDATA[infosec]]></category><pubDate>Tue, 04 Sep 2012 10:15:00 +0200</pubDate></item><item><title>CVE-2012-1889: Security Update Analysis</title><link>https://www.htbridge.com/publications/cve_2012_1889_security_update_analysis.html</link><description>Since the 30th of May 2012 hackers were abusing the Microsoft XML core services vulnerability. On the 10th of July 2012 Microsoft finally published a security advisory which fixes this issue. The present document and video explain the details of this fix. As a lab test we used a Windows XP workstation with Service Pack 3. The Internet Explorer version is 6.0.</description><guid isPermaLink="true">https://www.htbridge.com/publications/cve_2012_1889_security_update_analysis.html</guid><category><![CDATA[infosec]]></category><pubDate>Thu, 19 Jul 2012 19:00:00 +0200</pubDate></item><item><title>CVE-2012-1889 Microsoft XML core services uninitialized memory vulnerability</title><link>https://www.htbridge.com/publications/cve_2012_1889_microsoft_xml_core_services_uninitialized_memory_vulnerability.html</link><description>Before the 30th of May 2012 attackers were exploiting a new Microsoft Internet Explorer 0day. On the 30th of May 2012 Google warned Microsoft about this vulnerability existing in the core of Internet Explorer XML services. On the 12th of June 2012 Microsoft published a security advisory (2719615) which is not a final patch but a temporary “Fix-It” solution. Finally on June 19th 2012 the Metasploit Project released an exploit module which is 100% reliable for Internet Explorer IE6/7/8/9, Windows XP, Vista, and all the way to Windows 7 SP1. 
This publication explains the details of this vulnerability. As a lab test we used a Windows XP - SP3 computer with IE 6.0.</description><guid isPermaLink="true">https://www.htbridge.com/publications/cve_2012_1889_microsoft_xml_core_services_uninitialized_memory_vulnerability.html</guid><category><![CDATA[infosec]]></category><pubDate>Mon, 02 Jul 2012 13:43:11 +0200</pubDate></item><item><title>XSS &amp; CSRF: Practical exploitation of post-authentication vulnerabilities in web applications</title><link>https://www.htbridge.com/publications/xss_csrf_practical_exploitation_of_post_authentication_vulnerabilities_in_web_applications.html</link><description>These days many people do not consider post-authentication vulnerabilities dangerous, such as Stored XSS in the administrator’s portion of a web application.</description><guid isPermaLink="true">https://www.htbridge.com/publications/xss_csrf_practical_exploitation_of_post_authentication_vulnerabilities_in_web_applications.html</guid><category><![CDATA[infosec]]></category><pubDate>Wed, 18 Jan 2012 19:32:51 +0100</pubDate></item><item><title>Cybercrime in nowadays businesses: A real case study of targeted attack</title><link>https://www.htbridge.com/publications/cybercrime_in_nowadays_businesses_a_real_case_study_of_targeted_attack.html</link><description>The time when information threats were mostly limited to blind attacks on random targets is gone. Nowadays, many costly compromises are due to highly targeted attacks and require various skills, from web application hacking to singletons coding and botnets leveraging through the uncovering and exploitation of 0-day vulnerabilities. Cybercrime has therefore evolved to adapt to the market, and criminal groups are now organized into highly specialized entities that collaborate to provide global underground services, such as attacking one’s competitors. 
Through a real case study, we will explore the complexity of such attacks which endanger today's businesses.</description><guid isPermaLink="true">https://www.htbridge.com/publications/cybercrime_in_nowadays_businesses_a_real_case_study_of_targeted_attack.html</guid><category><![CDATA[infosec]]></category><pubDate>Wed, 02 Nov 2011 15:39:26 +0100</pubDate></item><item><title>Spying Internet Explorer 8.0</title><link>https://www.htbridge.com/publications/spying_internet_explorer_8_0.html</link><description>Malicious software, also known as "Malcode" or "Malware", can compromise the security and functionality of a program. Once "installed" it monitors the user’s habits. This document introduces this kind of threat by spying on a widespread Internet browser.</description><guid isPermaLink="true">https://www.htbridge.com/publications/spying_internet_explorer_8_0.html</guid><category><![CDATA[infosec]]></category><pubDate>Wed, 28 Sep 2011 19:39:26 +0200</pubDate></item><item><title>Frontal Attacks - From basic compromise to Advanced Persistent Threat</title><link>https://www.htbridge.com/publications/frontal_attacks_from_basic_compromise_to_advanced_persistent_threat.html</link><description>Nowadays, there is a renewed interest in server-side attacks among hackers. According to SANS, attacks against web applications constitute more than 60% of the total attack attempts observed on the Internet. Victims may be the website owners (e.g. intellectual property theft or loss of customer confidence), their clients (e.g. bank transfer fraud or identity theft) as well as any Internet user, since web application vulnerabilities are now widely exploited to convert trusted websites into malicious ones, thus serving client-side exploit content to Internet users. 
This document addresses the major threats facing today's companies, from database exfiltration in DMZ to the Advanced Persistent Threats recently undergone in many international organizations.</description><guid isPermaLink="true">https://www.htbridge.com/publications/frontal_attacks_from_basic_compromise_to_advanced_persistent_threat.html</guid><category><![CDATA[infosec]]></category><pubDate>Fri, 16 Sep 2011 16:14:01 +0200</pubDate></item><item><title>Inline Hooking in Windows</title><link>https://www.htbridge.com/publications/inline_hooking_in_windows.html</link><description>This document is the second of a series of five articles relating to the art of hooking. As a test environment we will use an English Windows Seven SP1 operating system distribution.</description><guid isPermaLink="true">https://www.htbridge.com/publications/inline_hooking_in_windows.html</guid><category><![CDATA[infosec]]></category><pubDate>Tue, 06 Sep 2011 17:41:19 +0200</pubDate></item><item><title>Passive Information Gathering </title><link>https://www.htbridge.com/publications/passive_information_gathering.html</link><description>The aim of this paper is to present the P.I.G. software, a private tool developed by High-Tech Bridge to optimize the information gathering phase during penetration tests. This paper contains only a little technical information in order to provide a global view of the software implementation, which may be useful to people willing to automate such a process. </description><guid isPermaLink="true">https://www.htbridge.com/publications/passive_information_gathering.html</guid><category><![CDATA[infosec]]></category><pubDate>Tue, 16 Aug 2011 17:22:08 +0200</pubDate></item><item><title>Userland Hooking in Windows</title><link>https://www.htbridge.com/publications/userland_hooking_in_windows.html</link><description>This document is the first of a series of five articles relating to the art of hooking. 
As a test environment, we will use an English Windows Seven SP1 operating system distribution. </description><guid isPermaLink="true">https://www.htbridge.com/publications/userland_hooking_in_windows.html</guid><category><![CDATA[infosec]]></category><pubDate>Thu, 04 Aug 2011 17:18:09 +0200</pubDate></item><item><title>Defeating Data Execution Prevention and ASLR in Windows</title><link>https://www.htbridge.com/publications/defeating_data_execution_prevention_and_aslr_in_windows_xp_sp3.html</link><description>Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) are two protection mechanisms integrated into the Windows operating system to make the task of exploiting software more complicated. This document shows how these two features can be bypassed using different techniques.</description><guid isPermaLink="true">https://www.htbridge.com/publications/defeating_data_execution_prevention_and_aslr_in_windows_xp_sp3.html</guid><category><![CDATA[infosec]]></category><pubDate>Mon, 27 Jun 2011 12:49:51 +0200</pubDate></item><item><title>Structured Exception Handler Exploitation</title><link>https://www.htbridge.com/publications/structured_exception_handler_exploitation.html</link><description>The SEH exploitation technique was publicly documented by David Litchfield in September of 2003. At a high-level, the SEH overwrite technique uses a software vulnerability to execute arbitrary code by abusing the 32-bit exception dispatching facilities provided by Windows. At a functional level, an SEH overwrite is generally accomplished by using a stack-based buffer. 
This document explains SEH details while exploiting a real case.</description><guid isPermaLink="true">https://www.htbridge.com/publications/structured_exception_handler_exploitation.html</guid><category><![CDATA[infosec]]></category><pubDate>Wed, 15 Jun 2011 00:00:00 +0200</pubDate></item><item><title>Fake Malware and Virus Scanners</title><link>https://www.htbridge.com/publications/fake_malware_and_virus_scanners.html</link><description>Rogue security software reports a virus infection, even if your computer is clean. This kind of "software" could also fail to report viruses when your computer is infected. This document shows the mechanisms used to obfuscate this process.</description><guid isPermaLink="true">https://www.htbridge.com/publications/fake_malware_and_virus_scanners.html</guid><category><![CDATA[infosec]]></category><pubDate>Fri, 20 May 2011 15:23:37 +0200</pubDate></item><item><title>Become fully aware of the potential dangers of ActiveX attacks</title><link>https://www.htbridge.com/publications/become_fully_aware_of_the_potential_dangers_of_activex_attacks.html</link><description>Exploiting vulnerabilities in ActiveX components in Windows has become a favored method of attackers aiming to compromise specific computers. Such targeted attacks have increasingly become a threat to companies and government agencies. This talk will explain this kind of attack and show how this flaw could be discovered while going through exploitation.</description><guid isPermaLink="true">https://www.htbridge.com/publications/become_fully_aware_of_the_potential_dangers_of_activex_attacks.html</guid><category><![CDATA[infosec]]></category><pubDate>Thu, 12 May 2011 00:00:00 +0200</pubDate></item></channel></rss>
