Posts tagged with: security

Introduction to “Meterpreter”

Meterpreter (meta-interpreter) is an advanced payload included in the Metasploit Framework. In my opinion it is the best payload ever. It can upload and download the victim’s files, read stored password hashes, log keystrokes, and even run a VNC server on the victim’s machine.

Meterpreter is compatible with most of the exploit and auxiliary modules in Metasploit, making it the most sophisticated and most widely used payload among pentesters and hackers. It accomplishes this by allowing exploit developers to write their own extensions in the form of shared object (DLL) files that can be uploaded and injected into a running process on the target computer after exploitation has occurred.


Social Engineering ~ Definition and Tool

In this post I’ll explain the definition of social engineering and the tools used for it. Although it is only a brief overview and not very detailed, I think it is enough to help you understand social engineering better.

Let’s talk about vulnerability first.
A vulnerability is a weak point that exists in a system. Vulnerabilities are found not only in hardware and software, but also in the environment, the network and the administrator/user. Social engineering is the technique of attacking the human vulnerability; usually the biggest vulnerability in humans is low security awareness.


More About SEH and SafeSEH

As explained before, SEH (Structured Exception Handling) is the protection integrated into a software system to handle abnormal program flow that could otherwise make the program behave abnormally too (crash, hang, etc.). SEH prevents EIP from being overwritten directly by the excess data sent by the fuzzer. SEH fully controls the memory used by the software. This protection definitely forced hackers to develop a technique to bypass SEH. Once this protection can be controlled, the execution process on the CPU can also be controlled easily, as in Direct Return Exploitation.


The most popular technique for bypassing this protection is the POP, POP, RETN technique. Basically, the stack in memory is a structured area consisting of 32-bit entries. The first POP instruction takes the topmost entry off the stack into another register. The second POP instruction takes out the second layer of the stack. Finally, the third instruction, RETN, uses what is now the first layer of the stack, so the system starts execution from that location, according to the memory address pointed to by the RETN instruction.


Introduction to “OllyDbg”

In a previous post we learned about reverse engineering. What we will talk about now is one of the tools used for it, called OllyDbg.

Before discussing OllyDbg, we must know what debugging is. Debugging is a structured process for finding and reducing the number of bugs or defects in a computer program and repairing them. When there is a bug in a system, especially one with many subsystems, debugging becomes harder because a change in one subsystem may cause bugs to appear in another.

To carry out this debugging process, we need a debugging tool called a debugger. It is used to test and debug the program, and it lets us see what a piece of software does in memory. Based on that, we can see at what point a bug appears. OllyDbg, Debugger, and ImmunityDbg are examples of debugger software.


Buffer Overflow : Direct Return & SEH Based

In my other post we learned a little about buffer overflows. Now we will talk about two cases that happen when we perform a buffer overflow, the Direct Return Exploit and the SEH Based Exploit, and what the difference between the two is.

– Direct Return Exploit
A direct return exploit happens to a program that can’t handle an exception: a condition where an application tries to execute code outside its normal work cycle. As a result, when an application that can’t handle an exception is buffer overflowed, the EIP stored in the buffer memory is directly overwritten by the rest of the data that we use to overflow the application.

– SEH Based Exploit