break
Jun 22

A hacker calling himself Arr1val has published proof-of-concept exploit codes for two 0-day vulnerabilities affecting Adobe Reader and Acrobat. The company has already confirmed one of them and strongly suggests disabling JavaScript in the products until a patch will be made available.

The flaws are classified by SecurityFocus as “boundary condition errors.” The first is located in thegetAnnots() JavaScript function and the other in spell.customDictionaryOpen(). Both of them make it possible for an attacker to execute arbitrary code on systems with the affected products installed, by tricking users into opening a maliciously crafted PDF file.

According to Arr1val’s PoC exploits, published on Packet Storm during the early hours of Tuesday, the vulnerabilities were tested on Adobe Reader 9.1 and Adobe 8.1.4 running on Linux. Adobe acknowledged the report and started an investigation into the issues. “We are currently investigating, and will have an update once we get more information,” David Lenoe initiallyannounced on the blog of Adobe’s Product Security Incident Response Team (PSIRT). More

Date June 22nd, 2009 Filed in ITsec News, Web application Security No Comments »
Jun 7

WEPBuster basically seems to be a toolkit that attempts to automate the tasks done by the various parts of the aircrack-ng suite.

The end goal of course is to crack the WEP key of a given Wireless network.

Features

The main part of this is the autonomous nature of the toolkit, it can crack all access points within the range in one go. Other than the the features would be those found in aircrack-ng.

  • Mac address filtering bypass (via mac spoofing)
  • Auto reveal hidden SSID
  • Client-less Access Point injection
  • Shared Key Authentication
  • WEP Decloaking (future version)
  • Whitelists (crack only APs included in the list)
  • Blacklists (do not crack APs included in the list)

You can download WEPBuster here:WEPbuster.tgz

Date June 7th, 2009 Filed in Security, Web application Security 6 Comments »
Oct 25

My friend Andrew recently posted a teaser for a new project he’s working on, but with part of the headline pixelated to obscure what the project actually is. My curiosity got the best of me and I decided to do what any self-respecting geek would do: write a program to figure out what the censored text said.

Ultimately I failed to recover most of the censored text (except “to”), so I had to cheat a little. The following video is the program running on a very similar image I created. This proves it works in ideal conditions, but needs some improvement to work in less than ideal cases. VIDEO

Applying a filter like Photoshop’s “mosaic” filter obscures the original data, but doesn’t remove it entirely. If we can reconstruct an image with known text that looks very similar to original image, then we can  be pretty sure the original text is the same as our known text. more

Date October 25th, 2008 Filed in ITsec News, Web application Security No Comments »