Collaborate Disseminate
I have a server that seems to be compromised checking the processes running I see an executable that seems to be a mining malware and the hacker uses it to mine litecoin at the address MKkb4o9jUYmcQRRkpJWK82mW2S1ZZMtaLg, the executable fil… Continue reading How to track which php file executed a malware binary
Is there any way to detect injection into unencrypted http traffic like files, js etc
a) just by traffic analysis
b) from the client side
?
Is there any way to detect injection into unencrypted http traffic, like files, js etc.
just by traffic analysis
from the client-side?
I found a way to cause a low privileged program in Program Files to run any binary I want.
I am doing it by changing a configuration file it reads, which I of course have an access to.
Is it considered as a vulnerability?
I think so becaus… Continue reading Does process injection through file on a low privilege user considered as a vulnerability
I published the following diary on isc.sans.edu: “Python Shellcode Injection From JSON Data“: My hunting rules detected a niece piece of Python code. It’s interesting to see how the code is simple, not deeply obfuscated, and with a very low VT score: 2/56!. I see more and more malicious Python code
The post [SANS ISC] Python Shellcode Injection From JSON Data appeared first on /dev/random.
Continue reading [SANS ISC] Python Shellcode Injection From JSON Data
Many services still restrict the special characters allowed in passwords and similar with the argument that it prevents injection attacks. Now, there are many good arguments against this such as avoiding unnecessary obstructions, character… Continue reading Is character restriction ever a safe mechanism against code injection / better than input sanitisation?
I have been conducting some minor research into the various forms of exploitation, such as buffer overflows and similar.
Most tutorials seem to focus on executing shellcode, that is code which executes a shell. I was wondering if the cause… Continue reading What is the maximum payload injection size
I am looking for an automated tool to identify client-side and server-side template injection vulnerabilities in a Web application which uses AngularJS.
This type of vulnerability is not currently detected by the tooling I currently use. … Continue reading What automated tools can be used to identify template injection? [closed]
Is it possible to bypass the CSP with XSS if I can write any kind of code on the testsite, but CSP is set to
script-src ‘none’; sandbox ?
I was thinking of injecting meta tag with specified different CSP so that it ‘overrides’ the one set … Continue reading Bypass CSP, with script-src policy
I am looking for a automation tool for identify client-side and server-side template injection. I tried using some tools to detect, but none of them detects it in the scanning. So I had to check it by manually using payloads. Web applicat… Continue reading What are the automation tools that can be used to identify template injection? [closed]