PHP reverse shell
Events: Submitted by Wade on 09-Jan-08 at 12:14am
Pentestmonkey has a great tool called php-reverse-shell. It is for elevation from web server (PHP) upload access to a reverse bindshell. The script will open an outbound TCP connection from the webserver to a host and port of your choice.
BeEF in BackTrack3
Events: Submitted by Wade on 06-Nov-07 at 09:42am
Josh Abraham has added BeEF to BackTrack3. He has also created a tutorial with some of the basic functionality.
BeEF 0.3.2 Released
Events: Submitted by Wade on 19-Jul-07 at 07:55am
Version 0.3.2 of BeEF has been released.
Inter-protocol Exploitation and Communication papers
Security: Submitted by Wade on 19-Apr-07 at 02:04pm
Two papers are now available that demonstrate inter-protocol security issues - Inter-protocol Communication and Inter-protocol Exploitation. Among other things they show the practicality of encapsulating exploit code in one protocol to compromise a program which uses a different protocol.
An example is provided that shows how a web browser can launch a Metasploit-type exploit to own an Asterisk server. Of course, this raises concerns over the (in)effectiveness of firewalls against this attack.
BeEF 0.3.1.6 Released
Events: Submitted by Wade on 19-Mar-07 at 10:16am
The new version of BeEF has been released. BeEF 0.3.1.6 has new modules employing cutting edge exploitation techniques. It is the first framework/tool that can perform Inter-Protocol Communication and Inter-Protocol Exploitation. It can reach behind hardened firewalls and IDSs to launch ported exploits at arbitrary servers.
Advanced Cross-site Scripting Virus Paper
Security: Submitted by Wade on 30-Jan-07 at 11:34am
This paper explores the real potential of the web being infected with a cross-site scripting virus that autonomously searches for, and employs, new vulnerabilities for propagation.
IP/Human
Technology: Submitted by Wade on 26-Nov-06 at 09:01am
The somewhat contentious inclusion of Radio Frequency Identification (RFID) tags into clothing and other products provides a new, but somewhat slow, method of communication: "Transmission of IP Datagrams on Human Carriers". Whilst this falls under the same umbrella as the 1990 April Fools Day RFC for transmitting IP over carrier pigeon, it is still possible and probably quicker.
BeEF 0.3.1.1 Released
Site News: Submitted by Wade on 22-Oct-06 at 09:34pm
The latest version of BeEF (0.3.1.1) has more functionality including distributed port scanning, target zombie selection and autorun modules.
BeEF (Browser Exploitation Framework) Beta Released
Security: Submitted by Wade on 24-Aug-06 at 07:13pm
BeEF the browser exploitation framework has been released. The current version is beta and still a work in progress but it should be easy to install.
Its purpose in life is to provide an easily integrable framework to demonstrate the impact of browser and cross-site scripting issues in real-time. The modular structure has focused on making module development a trivial process, with the intelligence existing within BeEF.
HTTP Penetration Suite
Security: Submitted by Wade on 02-Aug-06 at 07:56pm
Attacks from browsers are increasing in sophistication and researchers are focusing more resources in this area. Recently, a JavaScript port scanner was published that was based on a SPI Dynamics paper. The scanner is entirely encapsulated within the web browser.
It doesn’t take an Einstein to start linking web application attack vectors. In the “Inter-browser Communication” (IBC) blog I illustrated one basic method to maintain indirect real-time control over a browser (including data transfer). Using IBC it is possible to load tools (in real-time) such as a port scanner into the controlled browser and retrieve the results. Following this logic, an entire HTTP Suite can be developed to attack internal networks using the browser as an unsuspecting proxy. Not to mention the extra dimensions that XSS viruses add.