Irregular Expressions: August, 2012 archives

August 30, 2012 2:58 PM

SQL Injections

Posted by: Dan O'Connor

I have been doing some prep research for some up coming activities and I found an excellent cheat sheet of SQL injection commands. Here; Here is the standards that I usually...

0 Comments

RSS Feed

Email a friend

August 29, 2012 7:50 PM

I am currently testing a few php shells that I have against a test php site I created, and I thought I would share some of the basics of a RFI ( Remote File Inclusion ). When I need to deal with web apps this is the second thing I will try right after SQL injection. Here is the

0 Comments

RSS Feed

Email a friend

August 28, 2012 11:26 PM

Pen Testing

Posted by: Dan O'Connor

pen testing

I find it strange that physical pen testing and digital seem to have some sort of impenetrable wall between them when I talk with people. I know when doing a pen test you have your scope of what is off limits and how far you are supposed to go. These limits can be business based, maybe on...

0 Comments

RSS Feed

Email a friend

August 28, 2012 11:10 PM

Biomimicry

Posted by: Dan O'Connor

Biomimicry, ipv4, ipv6

Biomimicry or biomimetics is the examination of Nature, its models, systems, processes, and elements to emulate or take inspiration from in order to solve human problems. While...

0 Comments

RSS Feed

Email a friend

August 28, 2012 1:07 AM

Dropbox update

Posted by: Dan O'Connor

dropbox, dropbox privacy, two factor authentication with cell phones

If you have not noticed they have updated the security section of your dropbox account. You can now enable two factor authentication for your account. Basically it will send a PIN to your mobile device that you append to your password. I am a big fan of this form of two factor authentication. ...

0 Comments

RSS Feed

Email a friend

August 26, 2012 10:49 PM

What Is The Gauss Payload?

Posted by: Dan O'Connor

exploits as munitions, Gauss, malware, malware analyzing, malware engineering, Stuxnet, stuxnet source code

If you have not seen this yet, Gauss is something that appears to have come out of the same labs or workshop as Flame and Stuxnet. This specifically seems to be targeted against the financial industry in the middle east. Here is a Guardian article with some excellent information;

0 Comments

RSS Feed

Email a friend

August 26, 2012 10:31 PM

“I can tell you that as a commander in Afghanistan in the year 2010, I was able to use my cyber operations against my adversary with great impact,”

Posted by: Dan O'Connor

cyber, cyber army, cyber attack, cyber war, cyberwar, exploit, exploits as munitions

Very open comment about the cyber capabilities possessed by the US military. Here is the article I found, http://www.khou.com/news/world/167334595.html You can watch his speech right...

0 Comments

RSS Feed

Email a friend

August 23, 2012 12:14 AM

New CTF Game

Posted by: Dan O'Connor

games, hacking, hacking challenges, hacking ctf games, hacking games

Hurry you have one week from today, so next Wednesday the 29th. https://stripe.com/blog/capture-the-flag-20 I'll let you all know how I do!

0 Comments

RSS Feed

Email a friend

August 21, 2012 12:35 AM

Paypai.com

Posted by: Dan O'Connor

backdoor, malware, malware analyzing, malware engineering, remnux, trojan

I picked up another similar listener to the Groupon one the other day. This again is an attached ZIP file with an exe inside. It says its from paypai.com depending on your font the i will look like a L. The exe looks like it has been reused but I don't see any mention of it's original file...

0 Comments

RSS Feed

Email a friend