Elusive Thoughts

Intro This tutorial is created to show how simple penetration can become and promote constructive hacking/pen-testing (putting things together and combining knowledge to hack). Hacking/Pen-testing without the need to know how to program (at least not good programming skills :) ). I also got bored (one that is wearingly dull, repetitive, or tedious) not being able to find a decent buffer overflow tutorial to start learning what a want. Any way this article is going to show you how to identify buffer overflow the easiest way, after all you know (if you read my post that fuzzing is what I love doing). Fuzzing can help you to generically approach a wide variety of technologies, from Web Applications to C compiled programs. In order to be able to follow through this tutorial you have to understand basic assembly, Python (again I will write basic Python scripts) and a few stuff about buffer overflows. Why IMAP (Internet Message Access Protocol)? Text based protocols are the simplest ...

Intro This article refers basically to a very well known but also a very misunderstood Web Application vulnerability the Cross Site Scripting attack. What most of my clients do not understand is how an XSS attack can be used to compromise their Web Application Infrastructure. And it is logical since even the name of the attack is misleading, it should not be called Cross Site Scripting Attack, it should be called Script Injection attack. That is because when you manage to inject or else bounce a script to a web site then it will eventually end up to the users laptop and do damage. In this article it is implied that you already have a running Metasploit or know how to install and run Metasploit.  Exploiting XSS or else Script Injection attacks Stealing the session cookie is not the only way to take advantage of an XSS attack, so with an XSS attack someone under certain conditions can: Hijack the user session and cause user identity theft (which by the way is none traceable...

Intro From time to time I think what would be the Perfect Web Application Penetration Test, how can you be sure that you tested the Web Application the best possible way? How can you be sure that you managed to guess and by pass all possible badly designed input filters? Well the answer was right in front of me, simply sent all possible character-set combinations!! By sending all possible character-set combinations you do two things that are not desirable 1st you increase the traffic load a lot and 2nd you increase significantly the amount of time the penetration test is going to take (some payloads are for sure not going to help you find any kind of vulnerability or bypass any type of filter and filter bypassing can probably be achived only of you do further payload obfuscation e.g. add comment characters e.t.c) . Now a few of the side effects that might arise are 1st your might cause a DoS attack (if you do a pentest it should be included in the engagement rules) and 2nd you cann...