
Security Intrusion: The Complete Documentation

  • This category contains 10 Papers
  • The last paper was added on 2007-03-26 (YYYY-MM-DD)

Attacking and Securing UNIX FTP Servers

Published on August 01, 2002, by Jay Beale, www.blackhat.com.

The Unix FTP servers have been called 'the IIS of the Unix world' for their frequent and potent vulnerabilities. Each has provided remote exploits, usually at the root privilege level, on a consistent and frequent basis. WU-FTPd is the most popular Unix FTP server by far, shipping by default on most Linux distributions, and even on Solaris, and being installed most commonly on the rest of the Unix platforms. This talk will demonstrate working exploits on WU-FTPd, then show you how to configure WU-FTPd to defeat them. While the talk will use WU-FTPd as the primary example, we'll also discuss ProFTPd, the other major FTP daemon for Unix.

Attacking FreeBSD with Kernel Modules

Published on 1999, by Pragmatic, ©The Hackers Choice (THC).

FreeBSD is an often used server operating system. Lots of ISPs, universities and some firms are using it. After releasing my Linux LKM text van Hauser asked me to take a look at the FreeBSD kernel, so here we go. This text will show you that most Linux LKMs can be ported to BSD systems (FreeBSD). On FreeBSD we can even do some things that were harder to implement on Linux systems. This text only deals with ways to backdoor/intercept system calls. I had a little conversation with Solar Designer who taught me that there are lots of other ways to attack the FreeBSD kernel, but this will come in a further release.

Bypassing Integrity Checking Systems

Published on September 01, 1997, by halflife, ©Phrack.

In this day and age where intrusions happen on a daily basis and there is a version of "rootkit" for every operating system imaginable, even mostly incompetent system administration staff have begun doing checksums on their binaries. For the hacker community, this is a major problem since their very clever trojan programs are quickly detected and removed. Tripwire is a very popular and free utility to do integrity checking on UNIX systems. This article explores a simple method for bypassing checks done by tripwire and other integrity checking programs.

CIFS: Common Insecurities Fail Scrutiny

Published on January 1997, by Hobbit, Avian Research.

An analysis of TCP/IP NetBIOS file-sharing protocols is presented, and the steps involved in making a client to server SMB connection described in some detail. Emphasis is placed on protocol and administrative vulnerabilities at various stages and fixes/workarounds for some of them, with the hope that the reader will better understand attacks and defenses alike. Several examples are presented, based upon using programs from the Unix Samba package to probe a target IP network and survey it for potential problems.

Cracking VoIP Architecture Based on the Session Initiation Protocol (SIP)

Published on August 01, 2002, by Ofir Arkin, www.blackhat.com.

Voice over IP (VoIP) is the next generation of telecommunications. It is combined from signaling protocols (which establish, modify, and tear-down sessions), media transfer protocols (which carry the voice samples), and supporting protocols (which support the other two protocols with services they need such as routing, DNS, etc).

Hping2 Basics

Published on 2006, by Chris Gates, ©The Ethical Hacker Network.

The classic ping command has served the IT community well. But with the never ending escalation of security and the blocking of most ICMP traffic at both the border as well as the host, the plain old ping command is no longer enough to accomplish even the simplest of network administrative tasks. This is exactly where a handy tool named hping2 comes into the fold to lift the capabilities of ping to heights it never imagined.

HTML Form Protocol Attack (The)

Published on August 14, 2001, by Jochen Topf, team n.c.

This paper describes how some HTML browsers can be tricked through the use of HTML forms into sending more or less arbitrary data to any TCP port. This can be used to send commands to servers using ASCII based protocols like SMTP, NNTP, POP3, IMAP, IRC, and others. By sending HTML email to unsuspecting users or using a trojan HTML page, an attacker might be able to send mail or post Usenet News through servers normally not accessible to him. In special cases an attacker might be able to do other harm, e.g. deleting mail from a POP3 mailbox.

MH DeskReference (The)

Published on date n.c, by NeonSurge, Rhino9 Team.

This book was written/compiled by The Rhino9 Team as a document for the modern hacker. We chose to call it the Modern Hackers Desk Reference because it mostly deals with Networking Technologies and Windows NT issues. Which, as everyone knows, is a must knowledge these days. Well, rhino9, as the premiere NT Security source, we have continually given to the security community freely. We continue this tradition now with this extremely useful book. This book covers WindowsNT security issues, Unix, Linux, Irix, Vax, Router configuration, Frontpage, Wingate and much much more.

Security Problems in the TCP/IP Protocol Suite

Published on April 1989, by S.M. Bellovin, ATT Bell Laboratories.

The TCP/IP protocol suite, which is very widely used today, was developed under the sponsorship of the Department of Defense. Despite that, there are a number of serious security flaws inherent in the protocols, regardless of the correctness of any implementations. We describe a variety of attacks based on these flaws, including sequence number spoofing, routing attacks, source address spoofing, and authentication attacks. We also present defenses against these attacks, and conclude with a discussion of broad-spectrum defenses such as encryption.

Syscall Proxying - Simulating Remote Execution

Published on August 01, 2002, by Maximiliano Caceres, www.blackhat.com.

A critical stage in a typical penetration test is what we call the "Privilege Escalation" phase. An auditor typically encounters this stage when access to an inter

Created: 2004-12-07 15:22 | Modified: 2007-03-26 00:16 | Size: 27209 bytes
