you're welcome to download and distribute :)
Minggu, 26 Februari 2012
Jumat, 10 Februari 2012
Buffer OVERFLOW
The Buffer OverFlow is a special case of violation of memory safety.
the normal program access the alocated memory which provide by the script of the program itself, but the attacer triggered the buffer OverFlow by input an excecution code that infected the running process.
the ressult is anomaly of the program's operation such : error on the accessing memory, incorect output result, a breach of system security, and etc..., those vulnerabilities could be exploited by th attacker.
the normal program access the alocated memory which provide by the script of the program itself, but the attacer triggered the buffer OverFlow by input an excecution code that infected the running process.
the ressult is anomaly of the program's operation such : error on the accessing memory, incorect output result, a breach of system security, and etc..., those vulnerabilities could be exploited by th attacker.
 |
| http://en.wikipedia.org/wiki/Buffer_overflow |
FUZZING
The FUZZ is the technique to test the reliability of the system, the test is implemented by bombarding the system with ramdom data until the system is "CRASHED"
about "Shodanhq.com"
the Shodahq.com is the website that provide the information of the host/node in the internet network.
the usage of shodanhq generating the information about vulnerabilities on the host system, because shodanhq can detect which application is used.
the usage of shodanhq generating the information about vulnerabilities on the host system, because shodanhq can detect which application is used.
the Sqlinjection and the Blind Sqlinjection
Based Story.
The SQL was used to manage the query of database,
The SQLinjection.
the injection-code techniques that exploits a security vulnerability in a webSite, in order to dump the database content to the attacker, or to manipulate the web application to performs operations on the database.
The Blind SQLinjection
the result of Blind SQLinjection are not visible to the attacker, the display of the vulnerability depens on logical statement that injected into the legitimate SQL Statement to perform sepecific operation to call the page resources.
The SQL was used to manage the query of database,
The SQLinjection.
the injection-code techniques that exploits a security vulnerability in a webSite, in order to dump the database content to the attacker, or to manipulate the web application to performs operations on the database.
The Blind SQLinjection
the result of Blind SQLinjection are not visible to the attacker, the display of the vulnerability depens on logical statement that injected into the legitimate SQL Statement to perform sepecific operation to call the page resources.
Priviledge Escalation
The Privilidge Escalation means overiding the authentication on the target victim's legal access.
Langganan:
Komentar (Atom)