From: Petri

Introduction

Trying to locate a specific event in the Windows Event Viewer is kind of like looking for the proverbial needle in the haystack. Individual processes can fire off dozens of events in a minute’s time, effectively burying the events that you are looking for.

This isn’t a huge problem if you know exactly what it is that you are looking for. For instance, Microsoft has always made it pretty easy to locate specific event IDs in the Event Viewer. If you don’t have a specific piece of information to search on though, finding the event that you are looking for can be a little tough.

Read the full article

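From: Web Application Security Observatory (web应用安全观察站)

The MS Anti-XSS Library is a really good tool library. Starting with version 3.0 it has included an SRE (Security Runtime Engine), which is implemented as an HttpModule.

Version 3.1 has now been released as well; it mainly brings performance optimizations and improved SRE functionality, and provides two new security methods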

***** MS IIS FTPD DoS ZER0DAY *****

There is a DoS vulnerability in the globbing functionality of IIS FTPD.
Anonymous users can exploit this if they have read access to a directory!!!
Normal users can exploit this too if they can read a directory.

Example session where the anonymous user has read access to the folder "pub":

C:\Users\Nikolaos>ftp 192.168.2.102
Verbindung mit 192.168.2.102 wurde hergestellt. 

Read the full article

#!/usr/bin/perl
#Microsoft Wordpad on WinXP SP3 Memory Exhaustion Vulnerability - 0day
#Works on WinXP SP3!
#bug found by murderkey in Hellcode Labs.
#exploit coded by karak0rsan aka musashi
#Hellcode Research
#just a fuckin' lame 0day bug for fun!

$file = "hellcoded.rtf"; 

Read the full article

////////////////////////////////////////////////////////////////////////////////////
// +----------------------------------------------------------------------------+ //
// |                                                                            | //
// | Microsoft Corporation - http://www.microsoft.com/                          | //
// |                                                                            | //
// | Affected Software:                                                         | //
// | Windows XP Service Pack 2                                                  | //
// | Windows XP Service Pack 3                                                  | //
// |                                                                            | //
// | Affected Driver:                                                           | //
// | Multi-User Win32 Driver - win32k.sys <= 5.1.2600.5796                      | //
// |                                                                            | //
// | Local Privilege Escalation Exploit                                         | //
// | For Educational Purposes Only !                                            | //
// |                                                                            | //
// +----------------------------------------------------------------------------+ //
// |                                                                            | //
// | NT Internals - http://www.ntinternals.org/                                 | //
// | alex ntinternals org                                                       | //
// | 30 July 2009                                                               | //
// |                                                                            | //
// | References:                                                                | //
// | Exploiting Common Flaws in Drivers                                         | //
// | Ruben Santamarta - http://www.reversemode.com/                             | //
// |                                                                            | //
// +----------------------------------------------------------------------------+ //
////////////////////////////////////////////////////////////////////////////////////

Exploit:

http://www.ntinternals.org/win32k/NtUserConsoleControl_Exp.zip

back: http://milw0rm.com/sploits/2009-NtUserConsoleControl_Exp.zip

Description:

http://www.ntinternals.org/index.html#09_07_30

# milw0rm.com [2009-07-30]

From: milw0rm

#
#   Author : Ahmed Obied (ahmed.obied@gmail.com)
#
#   - Based on the code posted at http://www.milw0rm.com/exploits/9163
#   - Tested using:
#     > Internet Explorer 7.0.5730.13 on Windows XP SP3 with owc10.dll installed
#     > Internet Explorer 7.0.5730.13 on Windows XP SP3 with owc11.dll installed
#
#   Usage  : python ie_owc.py [port (between 1024 and 65535)] 

Read the full article

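The latest IE 0day affects Microsoft's entire line of systems, and there is currently no patch. Microsoft recently published a security advisory explaining how to temporarily block this vulnerability.
The vulnerability lies in the file OLEDB32.dll, so our goal is to block this file. To that end, Microsoft has offered four trump cards in a row:

1. The SACL method (Vista only)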
[Unicode]
Unicode=yes
[Version]
signature="$CHICAGO$"

Read the full article