tools
From http://support.microsoft.com/kb/890830
======
Reporting component
The Malicious Software Removal Tool sends information to Microsoft if it detects malicious software or finds an error. The specific information that is sent to Microsoft consists of the following items:
* The name of the malicious software that is detected
* The result of malicious software removal
* The operating system version
* The operating system locale
* The processor architecture
* The version number of the tool
to plaintext, and so on, while attempting to remain undetected. The backdoor may take
the form of an installed program (e.g., Back Orifice), or could be a modification to an
existing program or hardware device.
According to an article on PC World: "The software vendor is giving law enforcers
access to a special tool that keeps tabs on botnets, using data compiled from the 450
million computer users who have installed the Malicious Software Removal tool that
ships with Windows."
Not a big deal until you keep reading: "Although Microsoft is reluctant to give out details
on its botnet buster - the company said that even revealing its name could give cyber
It will allow participants to present and discuss technical issues,
exchange research ideas, introduce new development projects (and new
revision of existing projects), in order to foster the creation of a
community of practitioners and (people from academia - academics), and
to promote the usage of FLOSS tools in computer and network forensics.
The main topics of interest for the workshop are:
- FLOSS tools for Evidence Management
- Tools for acquisition, collection, and storage of digital evidence
- Tools for identification, authentication, integrity preservation
Extended support for Virtual Center 2.0.2 is 2011-12-10, users
should plan to upgrade to the newest release of vCenter Server.
3. Problem Description
a. Windows-based VMware Tools Unsafe Library Loading vulnerability
A vulnerability in the way VMware libraries are referenced allows
for arbitrary code execution in the context of the logged on user.
This vulnerability is present only on Windows Guest Operating
Systems.
Hi Ignace,
Your question is very normal. Well, I'm doing this in order to have a large
referral center for security tools. When you eventually need some tool
somewhere, do not know any, want to try other tools you use regularly, or
have a proprietary tool and want to share it with everyone. For all that I
think it is a good idea to have a site that combines the largest and ranks them
as well as possible so that it can help in all these cases.
The reason for not having added the tools available in backtrack, FIRE,
Phlax, Helix, etc, is that, despite the contributions of all you are
doing (and I appreciate greatly), almost all the tools I introduced
############################################################################
#####
Subject: DNS Multiple Race Exploiting Tool release
Homepage: http://www.securebits.org/dnsmre.html
Download: http://www.securebits.org/tools/dns_mre-v1.0.tar.gz
OS: The tool runs on Linux
Target OS: Tested against windows 2003 server
############################################################################
#####
PUBLIC
=========================================================================
ACROS Security Problem Report #2010-04-12-2
-------------------------------------------------------------------------
ASPR #2010-04-12-2: Local Binary Planting in VMware Tools for Windows
=========================================================================
Document ID: ASPR #2010-04-12-2-PUB
Vendor: VMware, Inc. (http://www.vmware.com)
Target: VMware Tools for Windows
VSR Security Advisory
http://www.vsecurity.com/
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Advisory Name: VMware Tools Multiple Vulnerabilities
Release Date: 2011-06-03
Application: VMware Guest Tools
Severity: High
Author: Dan Rosenberg <drosenberg (at) vsecurity.com>
Vendor Status: Patch Released [2]
- The virtual machine is running a Windows operating system.
- The VMware Descheduled Time Accounting driver is installed
in the virtual machine. Note that this is an optional (non-
default) part of the VMware Tools installation.
- The VMware Descheduled Time Accounting Service is not running
in the virtual machine
The VMware Descheduled Time Accounting Service is no longer provided
7. *Credits*
This vulnerability was discovered by Nicolas Economou from Core Security
Technologies. Technical analysis and proof-of-concept tools were
developed by Nicolas Economou and Diego Juarez from Core's Exploit
Writers Team.
8. *Technical Description / Proof of Concept Code*
Hi.
Recently, there has been news regarding Flash authoring tools and XSS,
but the articles contained little technical information. So, I created
a detailed report at:
http://docs.google.com/Doc?docid=ajfxntc4dmsq_14dt57ssdw
An abbreviated version intended for full-disclosure, bugtraq, and
websecurity lists is below.
Summary
=======
Unified Contact Center and Intelligent Contact Management products
contain a vulnerability that may result in unauthorized access to the
web-based reporting and script monitoring tool (Web View) and the
web-based configuration tool (Web Admin).
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20071017-IPCC.shtml.
PUBLIC
=========================================================================
ACROS Security Problem Report #2010-04-12-1
-------------------------------------------------------------------------
ASPR #2010-04-12-1: Remote Binary Planting in VMware Tools for Windows
=========================================================================
Document ID: ASPR #2010-04-12-1-PUB
Vendor: VMware, Inc. (http://www.vmware.com)
Target: VMware Tools for Windows
ESXi any ESXi not affected
ESX any ESX not affected
c. OS Command Injection in VMware Tools update
A vulnerability in the input validation of VMware Tools update
allows for injection of commands. The issue could allow a user
on the host to execute commands on the guest operating system
with root privileges.
Despite the fact that this protocol is not complex, I think it has a
potential interest regarding SCADA security. You'll see why.
HICP is intended to configure HMS's products that include ethernet/
capabilities, since they need a method for configuring Internal
IP, DHCP, NetworkMask, DNS, gateway.... In 2004 HMS released a free tool
named "Anybus IPconfig" which can be used to scan a network where the
devices are connected, then proceeding to configure them. The components
of this application are a simple MFC based GUI and a dll (hicp.dll). So
let's take a look at the exports:
The program found several UTF-8 byte sequences that translate to a dot-dot
substring after the call to 'MultiByteToWideChar', the first one of them
being '"0xc20x2e0xc20x2e_'.
In order to develop test tools and the final exploit we used the wonderful
information and tools released at the VM Back project [7] by Ken Kato and
other contributors. Using the project's VMFtp tool with a few
modifications it is trivial to produce a working exploit. Our approach for
a proof-of-concept test was to modify VMFtp's source code to replace all
occurrences of ''+'' with ''\xc2'' in an input pathname.
iKAT - Interactive Kiosk Attack Tool v3
----------------------------------------
http://ikat.ha.cked.net
It is with my great pleasure that I would like to introduce iKAT v3.
iKAT - The Interactive Kiosk Attack Tool is the world's premier
Internet Kiosk/Citrix/Thin-Client hacking tool.
Designed as a SaaS, iKAT features many methods of escaping out of a
browser jailed environment and gaining command execution.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03082368
Version: 1
HPSBHF02723 SSRT100536 rev.1 - HP Protect Tools Device Access Manager for Windows, Remote Execution of Arbitrary Code, Denial of Service
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-12-01
Last Updated: 2011-12-01
.:[Software Description:
This is a tool that performs version fingerprinting on Microsoft SQL Server
2000, 2005 and 2008, using well known techniques based on several public tools
that identify the SQL Version. The strength of this tool is that it uses
a probabilistic algorithm to identify the version of the Microsoft SQL Server.
The "Microsoft SQL Server Fingerprint Tool" can also be used to identify
vulnerable versions of Microsoft SQL Server.
We are preparing the third Static Analysis Tool Exposition (SATE).
Briefly, participating tool makers run their tool on a set of programs.
Researchers led by NIST analyze the tool reports. The results and
experiences are reported at a workshop. The tool reports and analysis
are made publicly available later.
The draft plan (including a summary of proposed changes since last
year) is at
http://samate.nist.gov/SATE2010.html
We are preparing an exposition for static analysis tools that find
security relevant defects. Briefly, participating tool makers run their
tools on real programs. Researchers led by NIST analyze the tool
reports. Everyone reports results and experiences at a workshop. The
tool reports and analysis are made publicly available later.
The plan is at http://samate.nist.gov/SATE.html
We plan to provide the test sets by 19 August, and to hold the workshop
on 6 November.
3) An AS/400 web site (by Shalom Carmel):
http://www.hackingiseries.com/
4) Auditing framework:
http://www.security-database.com/toolswatch/AS-400-Auditing-Framework-Beta.html
5) Comments of note:
> ... some default services on AS/400 allow
> anonymous access including POP3, SMTP, LDAP, FTP, etc. But what
From the April 2008 MSRT EULA (which is the latest I have):
" However, Microsoft may collect and publish aggregated data about the use of the software."
For all we know, Microsoft includes a database of signatures of known malware files on the removal tool being handed out to law enforcement, and that's the only information that's been handed over. Or perhaps Microsoft got the consent of specific users to hand information over to 3rd parties? We don't know, because we don't have facts.
At the moment all you have is:
a) one PC World article that claims Microsoft has used information gathered from the MSRT in the tool handed to law enforcement
b) even assuming that (a) is strictly correct, we don't know what information was actually used/included
c) and if the information is aggregate in nature (e.g. names and hashes of known malicious files) then it appears to be within the scope of the EULA that end users agree to anyway.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01399648
Version: 1
HPSBST02321 SSRT080029 rev.1 - HP StorageWorks Library and Tape Tools (LTT) Running on HP-UX, Local Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-03-18
Last Updated: 2008-03-18
SOURCE CODE:
http://oss.coresecurity.com/pshtoolkit/release/1.3/pshtoolkit_v1.3-src.tgz
BINARIES:
http://oss.coresecurity.com/pshtoolkit/release/1.3/pshtoolkit_v1.3.tgz
DOCUMENTATION:
http://oss.coresecurity.com/projects/pshtoolkit.htm
http://oss.coresecurity.com/pshtoolkit/doc/index.html
Hi,
Scare, the Source Code Analysis Risk Evaluation tool for measuring security
complexity in C source code is now available. The tool is written to
support the OpenTC project (opentc.net) as the SCARE methodology project
available at:
http://www.isecom.org/scare
We have done some test cases with the tool already to track trends in Xen
Hi!,
I'm releasing Pass-The-Hash Toolkit v1.0, you can find it here:
http://oss.coresecurity.com/projects/pshtoolkit.htm.
source code:
http://oss.coresecurity.com/pshtoolkit/release/1.0/pshtoolkit_src_v1.0.tgz
binaries:
http://oss.coresecurity.com/pshtoolkit/release/1.0/pshtoolkit_v1.0.tgz